Vulnerability CVE-2014-0099 - CERT Civis.Net

Vulnerability Name:

CVE-2014-0099 (CCN-93369)

Assigned:

2013-12-03

Published:

2014-05-27

Updated:

2019-04-15

Summary:

Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

5.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N)
4.3 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-189
CWE-190
CWE-444
CWE-444

Vulnerability Consequences:

Obtain Information

References:

Source: CONFIRM
Type: UNKNOWN
http://advisories.mageia.org/MGASA-2014-0268.html

Source: MITRE
Type: CNA
CVE-2014-0099

Source: CONFIRM
Type: UNKNOWN
http://linux.oracle.com/errata/ELSA-2014-0865.html

Source: FEDORA
Type: UNKNOWN
FEDORA-2015-2109

Source: HP
Type: UNKNOWN
HPSBUX03102

Source: HP
Type: UNKNOWN
HPSBUX03150

Source: HP
Type: UNKNOWN
HPSBOV03503

Source: CCN
Type: RHSA-2014-0827
Moderate: tomcat security update

Source: CCN
Type: RHSA-2014-0834
Moderate: Red Hat JBoss Web Server 2.0.1 tomcat6 security and bug fix update

Source: CCN
Type: RHSA-2014-0835
Moderate: Red Hat JBoss Web Server 2.0.1 tomcat7 security update

Source: CCN
Type: RHSA-2014-0843
Moderate: Red Hat JBoss Enterprise Application Platform 6.2.4 security update

Source: CCN
Type: RHSA-2014-0865
Moderate: tomcat6 security and bug fix update

Source: REDHAT
Type: UNKNOWN
RHSA-2015:0675

Source: REDHAT
Type: UNKNOWN
RHSA-2015:0720

Source: REDHAT
Type: UNKNOWN
RHSA-2015:0765

Source: FULLDISC
Type: UNKNOWN
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

Source: FULLDISC
Type: UNKNOWN
20140527 [SECURITY] CVE-2014-0097 Apache Tomcat information disclosure

Source: FULLDISC
Type: UNKNOWN
20140527 [SECURITY] Re: [SECURITY] CVE-2014-0099 Apache Tomcat information disclosure

Source: SECUNIA
Type: UNKNOWN
59121

Source: SECUNIA
Type: UNKNOWN
59678

Source: SECUNIA
Type: UNKNOWN
59732

Source: SECUNIA
Type: UNKNOWN
59835

Source: SECUNIA
Type: UNKNOWN
59849

Source: SECUNIA
Type: UNKNOWN
59873

Source: SECUNIA
Type: UNKNOWN
60729

Source: SECUNIA
Type: UNKNOWN
60793

Source: CONFIRM
Type: UNKNOWN
http://svn.apache.org/viewvc?view=revision&revision=1578812

Source: CONFIRM
Type: UNKNOWN
http://svn.apache.org/viewvc?view=revision&revision=1578814

Source: CONFIRM
Type: UNKNOWN
http://svn.apache.org/viewvc?view=revision&revision=1580473

Source: CONFIRM
Type: Vendor Advisory
http://tomcat.apache.org/security-6.html

Source: CONFIRM
Type: Vendor Advisory
http://tomcat.apache.org/security-7.html

Source: CCN
Type: Apache Web Site
Fixed in Apache Tomcat 7.0.54

Source: CONFIRM
Type: Vendor Advisory
http://tomcat.apache.org/security-8.html

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21678231

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21680603

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21681528

Source: CCN
Type: IBM Security Bulletin 1695800
Tivoli Common Reporting iFixes for CVE-2014-3566,CVE-2014-6145,CVE-2014-1568,CVE-2014-4263,CVE-2014-3513,CVE-2014-3567,CVE-2014-3568,CVE-2014-0107,CVE-2014-0075,CVE-2014-0096,CVE-2014-0099,CVE-2014-0119,CVE-2014-0878,CVE-2014-0460

Source: DEBIAN
Type: UNKNOWN
DSA-3447

Source: DEBIAN
Type: UNKNOWN
DSA-3530

Source: CCN
Type: IBM Security Bulletin N1020714
Vulnerabilities in Tomcat affect Power Hardware Management Console (CVE-2013-4444, CVE-2014-0075, CVE-2014-0095, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119, CVE-2014-0227)

Source: CCN
Type: IBM Security Bulletin 1676983
Security vulnerabilities in Apache Tomcat in Rational DOORS Web Access

Source: CCN
Type: IBM Security Bulletin 1677222
Multiple Apache Tomcat vulnerabilities in IBM Algo Audit and Compliance (CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1677448
IBM OpenPages GRC Platform, multiple vulnerabilities in bundled version of Apache Tomcat

Source: CCN
Type: IBM Security Bulletin 1678135
Open Source Tomcat vulnerabilities in May 2014 X-Force Report (CVE-2014-0075, CVE-2014-0099) for RAF

Source: CCN
Type: IBM Security Bulletin 1678231
Rational Lifecycle Adapter for HP ALM Apache Tomcat fix (CVE-2013-4286, CVE-2014-0033, CVE-2013-4322, CVE-2013-4590, CVE-2014-0075, CVE-2014-0095, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1678892
Tivoli Application Dependency Discovery Manager - Open Source Tomcat issues reported between March - May 2014.

Source: CCN
Type: IBM Security Bulletin 1679568
Rational Test Control Panel in Rational Test Workbench and Rational Test Virtualization Server affected by Apache Tomcat vulnerablity (CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1680603
Rational Build Forge Security Advisory (CVE-2014-0075, CVE-2014-0099)

Source: CCN
Type: IBM Security Bulletin 1681528
Apache Tomcat Vulnerabilities in IBM UrbanCode Release (CVE-2014-0075,CVE-2014-0095,CVE-2014-0096,CVE-2014-0099,CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1682371
Rational Reporting for Development Intelligence - Open Source Tomcat reported in May 2014 X-Force Report

Source: CCN
Type: IBM Security Bulletin 1682376
Rational Insight - Open Source Tomcat reported in May 2014 X-Force Report

Source: CCN
Type: IBM Security Bulletin 1682393
Apache Tomcat Vulnerabilities in IBM UrbanCode Deploy (CVE-2014-0075,CVE-2014-0095,CVE-2014-0096,CVE-2014-0099,CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1682740
Cognos BI Server is affected by the following vulnerabilities: CVE-2014-0107, CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119, CVE-2014-0878, CVE-2014-0460

Source: CCN
Type: IBM Security Bulletin 1683334
: IBM InfoSphere Guardium Database Activity Monitor is affected by CVE-2014-0075, CVE-2014-0095, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119

Source: CCN
Type: IBM Security Bulletin 1683430
IBM Cognos Metrics Manager is affected by the following Tomcat vulnerabilities: CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119

Source: CCN
Type: IBM Security Bulletin 1683445
IBM Rational Connector for SAP Solution Manager (CVE-2014-0075, CVE-2014-0095, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1684768
Rational Directory Server and Rational Directory Administrator can be affected by vulnerabilities (CVE-2014-4263, CVE-2014-0075, CVE-2014-0096, CVE-2014-0099 and CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1684910
IBM Cognos Business Viewpoint is affected by the following Apache Tomcat vulnerabilities (CVE-2014-0075, CVE-2014-0095, CVE-2014-0096. CVE-2014-0099, CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1685137
Websphere Message Broker and IBM Integration Bus are affected by Open Source Tomcat

Source: CCN
Type: IBM Security Bulletin 1686477
Multiple Apache Tomcat vulnerabilities in QRadar (CVE-2014-0075, CVE-2014-0095, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1692154
Security vulnerabilities in Apache Tomcat affects multiple IBM Rational products based on IBM's Jazz technology (CVE-2014-0075, CVE-2014-0095, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119,)

Source: CCN
Type: IBM Security Bulletin 1692277
IBM Algo One is affected by multiple Open Source Tomcat security vulnerabilities reported in May 2014 X-Force Report (CVE-2014-0096, CVE-2014-0099, CVE-2014-0119).

Source: CCN
Type: IBM Security Bulletin 1693076
IBM Cognos TM1 is affected by the following Tomcat vulnerabilities: CVE-2014-0075, CVE-2014-0099

Source: CCN
Type: IBM Security Bulletin 1693651
Vulnerabilities in Sametime Unified Telephony (OpenSSL: CVE-2014-3508 to CVE-2014-3512, CVE-2014-5139. Apache Tomcat: CVE-2014-0099, CVE-2014-0119, CVE-2013-4444)

Source: CCN
Type: IBM Security Bulletin 1976103
Multiple Security Vulnerabilities in Apache Tomcat affect IBM RLKS Administration and Reporting Tool

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2015:052

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2015:053

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2015:084

Source: CCN
Type: Oracle CPUOct2016
Oracle Critical Patch Update Advisory - October 2016

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Source: CCN
Type: OSVDB ID: 107452
Apache Tomcat Content Length Header Parsing Request Smuggling

Source: BUGTRAQ
Type: UNKNOWN
20140527 [SECURITY] CVE-2014-0097 Apache Tomcat information disclosure

Source: BUGTRAQ
Type: UNKNOWN
20140527 Re: [SECURITY] CVE-2014-0099 Apache Tomcat information disclosure

Source: BUGTRAQ
Type: UNKNOWN
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

Source: BID
Type: UNKNOWN
67668

Source: CCN
Type: BID-67668
Apache Tomcat CVE-2014-0099 Request Processing Information Disclosure Vulnerability

Source: SECTRACK
Type: UNKNOWN
1030302

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/security/advisories/VMSA-2014-0012.html

Source: XF
Type: UNKNOWN
tomcat-cve20140099-info-disc(93369)

Source: CONFIRM
Type: UNKNOWN
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/

Source: CCN
Type: IBM Security Bulletin 6496741 (Sterling B2B Integrator)
Apache Log4j Vulnerabilities Affect IBM Sterling B2B Integrator

Source: CCN
Type: IBM Security Bulletin 6595755 (Disconnected Log Collector)
IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6858013 (Tivoli Application Dependency Discovery Manager)
TADDM affected by multiple vulnerabilities due to Apache Tomcat libraries

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-0099

Vulnerable Configuration:

Configuration 1:

cpe:/a:apache:tomcat:6:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.1:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.2:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.3:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.4:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.5:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.6:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.7:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.8:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.9:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.10:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.11:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.12:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.13:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.14:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.15:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.16:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.17:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.18:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.19:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.20:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.24:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.26:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.27:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.28:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.29:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.30:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.31:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.32:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.33:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.35:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.36:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.37:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:*:*:*:*:*:*:*:* (Version <= 6.0.39)

Configuration 2:

cpe:/a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.1:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.3:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:apache:tomcat:7.0.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.1:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.2:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.3:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.4:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.5:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.6:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.7:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.8:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.9:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.10:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.11:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.12:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.13:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.14:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.15:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.16:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.17:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.18:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.19:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.20:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.21:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.22:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.23:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.24:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.25:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.26:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.27:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.28:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.29:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.30:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.31:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.32:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.33:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.34:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.35:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.36:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.37:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.38:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.39:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.40:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.41:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.42:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.43:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.44:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.45:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.46:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.47:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.48:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.49:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.50:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.52:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

Configuration RedHat 10:

cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/a:apache:tomcat:6.0.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.39:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.52:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.3:*:*:*:*:*:*:*

AND

cpe:/a:ibm:cognos_business_intelligence:8.4.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*

OR cpe:/a:ibm:infosphere_guardium:8.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_directory_server:5.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:infosphere_guardium:9.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_business_intelligence:10.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_business_intelligence:10.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_business_intelligence:10.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_directory_server:5.2.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_directory_server:5.2.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_directory_server:5.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_directory_server:5.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_directory_server:5.1.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_directory_server:5.1.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_insight:1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_insight:1.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_insight:1.1.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_tm1:10.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_automation_framework:3.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_automation_framework:3.0.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_business_intelligence:10.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_reporting:2.0:*:*:*:development_intelligence:*:*:*

OR cpe:/a:ibm:rational_reporting:2.0.1:*:*:*:development_intelligence:*:*:*

OR cpe:/a:ibm:rational_reporting:2.0.3:*:*:*:development_intelligence:*:*:*

OR cpe:/a:ibm:rational_reporting:2.0.4:*:*:*:development_intelligence:*:*:*

OR cpe:/a:ibm:rational_reporting:2.0.5:*:*:*:development_intelligence:*:*:*

OR cpe:/a:ibm:rational_reporting:2.0.6:*:*:*:development_intelligence:*:*:*

OR cpe:/a:ibm:rational_directory_server:6.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_directory_server:6.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_tm1:10.2.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.1.0.2:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_hpc_node:7:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode:6.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode:6.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode:6.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:algo_audit_and_compliance:2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_business_viewpoint:10.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_business_viewpoint:10.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_message_broker:8:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode:6.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode:6.0.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode:6.0.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode:6.0.1.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:algo_one:4.9:*:*:*:*:*:*:*

OR cpe:/a:ibm:algo_one:5.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:3.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:infosphere_guardium:9.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:3.0.1.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:5.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:algo_one:4.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:algo_one:4.7.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:algo_one:4.8:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_automation_framework:3.0.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.0.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.0.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.0.1.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_connector:4:*:*:*:sap_solution_manager:*:*:*

OR cpe:/a:ibm:rational_build_forge:7.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_build_forge:7.1.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_build_forge:7.1.2.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_build_forge:7.1.2.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:openpages_grc_platform:6.0.1.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:openpages_grc_platform:6.1.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_reporting:5.0:*:*:*:development_intelligence:*:*:*

OR cpe:/a:ibm:rational_insight:1.1.1.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:algo_one:4.9.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_insight:1.1.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_insight:1.1.1.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.0.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.0.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.0.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.0.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.0.1.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.0.1.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.5.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.5.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.0.1.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.0.1.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.1.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode:6.0.1.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_tm1:10.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:1.4.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:1.4.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:1.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:1.5.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:9.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:9.5.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:9.5.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:9.5.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:9.5.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:9.5.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:9.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:9.6.0.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_workstation:7:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_common_reporting:2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_common_reporting:2.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_common_reporting:3.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_common_reporting:3.1.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_common_reporting:3.1.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.8:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.9:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_b2b_integrator:5.2.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.3.0.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20140099	V	CVE-2014-0099	2022-05-20
oval:org.opensuse.security:def:34607	P	Security update for the Linux Kernel (Important)	2021-12-02
oval:org.opensuse.security:def:32232	P	Security update for webkit2gtk3 (Important)	2021-12-01
oval:org.opensuse.security:def:34005	P	Security update for xen (Moderate)	2021-12-01
oval:org.opensuse.security:def:30132	P	Security update for libqt5-qtbase (Important)	2021-09-30
oval:org.opensuse.security:def:32999	P	Security update for grilo (Important)	2021-09-09
oval:org.opensuse.security:def:30121	P	Security update for openexr (Important)	2021-09-02
oval:org.opensuse.security:def:30120	P	Security update for bind (Moderate)	2021-08-30
oval:org.opensuse.security:def:34517	P	Security update for openssl-1_1 (Important)	2021-08-24
oval:org.opensuse.security:def:32145	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:34460	P	Security update for the Linux Kernel (Important)	2021-06-09
oval:org.opensuse.security:def:36312	P	tomcat6-6.0.41-0.43.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42719	P	tomcat6-6.0.41-0.43.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:30206	P	Security update for MozillaFirefox (Important)	2021-06-08
oval:org.opensuse.security:def:26065	P	Security update for polkit (Important)	2021-06-03
oval:org.opensuse.security:def:32912	P	Security update for python36 (Moderate)	2021-05-04
oval:org.opensuse.security:def:32088	P	Security update for bind (Important)	2021-05-04
oval:org.opensuse.security:def:31609	P	Security update for sudo (Important)	2021-04-20
oval:org.opensuse.security:def:28963	P	Security update for openssl (Moderate)	2021-03-24
oval:org.opensuse.security:def:34044	P	Security update for wavpack (Important)	2021-03-24
oval:org.opensuse.security:def:26203	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:26146	P	Security update for python3 (Important)	2021-02-08
oval:org.opensuse.security:def:29956	P	Security update for xen (Important)	2020-12-10
oval:org.opensuse.security:def:35620	P	openssh-5.1p1-41.31.36 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35661	P	OpenEXR-1.6.1-83.17.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:31778	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:29257	P	Security update for tomcat6 (Important)	2020-12-01
oval:org.opensuse.security:def:32761	P	pam on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26540	P	enscript on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31864	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:34766	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26637	P	ruby on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28527	P	Security update for wget (Moderate)	2020-12-01
oval:org.opensuse.security:def:34912	P	Security update for e2fsprogs (Moderate)	2020-12-01
oval:org.opensuse.security:def:25861	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:30427	P	Security update for xorg-x11-libs (Moderate)	2020-12-01
oval:org.opensuse.security:def:33261	P	strongswan on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28737	P	Security update for lcms2	2020-12-01
oval:org.opensuse.security:def:32444	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:25937	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:30726	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:33367	P	Security update for sblim-sfcb (Moderate)	2020-12-01
oval:org.opensuse.security:def:34131	P	Security update for ntp (Important)	2020-12-01
oval:org.opensuse.security:def:32554	P	libltdl7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32536	P	kdelibs3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30869	P	Security update for evolution-data-server	2020-12-01
oval:org.opensuse.security:def:34362	P	Security update for tcpdump	2020-12-01
oval:org.opensuse.security:def:29218	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:33275	P	tomcat6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32626	P	OpenEXR on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26491	P	Security update for nextcloud (Moderate)	2020-12-01
oval:org.opensuse.security:def:31571	P	Security update for strongswan (Moderate)	2020-12-01
oval:org.opensuse.security:def:31790	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:29318	P	Security update for compat-openssl097g	2020-12-01
oval:org.opensuse.security:def:26593	P	libnetpbm10 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28526	P	Security update for wget (Moderate)	2020-12-01
oval:org.opensuse.security:def:34873	P	Security update for CUPS	2020-12-01
oval:org.opensuse.security:def:30338	P	Security update for transfig (Low)	2020-12-01
oval:org.opensuse.security:def:33212	P	nagios-plugins on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27310	P	tomcat6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28606	P	Security update for Xen	2020-12-01
oval:org.opensuse.security:def:32388	P	Security update for tomcat6 (Important)	2020-12-01
oval:org.opensuse.security:def:34982	P	Security update for ghostscript-library (Moderate)	2020-12-01
oval:org.opensuse.security:def:25873	P	Security update for libcares2 (Low)	2020-12-01
oval:org.opensuse.security:def:30571	P	Security update for libxslt	2020-12-01
oval:org.opensuse.security:def:33323	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:34130	P	Security update for ntp (Important)	2020-12-01
oval:org.opensuse.security:def:28879	P	security update for xen (Moderate)	2020-12-01
oval:org.opensuse.security:def:32532	P	java-1_4_2-ibm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30830	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:34226	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:29169	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:33236	P	ppc64-diag on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32548	P	libarchive2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26438	P	Security update for ansible (Moderate)	2020-12-01
oval:org.opensuse.security:def:30933	P	Recommended update for ghostscript-library (Important)	2020-12-01
oval:org.opensuse.security:def:31779	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:29274	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:32855	P	evince on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26579	P	libMagickCore1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31996	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:34824	P	Security update for augeas (Moderate)	2020-12-01
oval:org.opensuse.security:def:29992	P	Security update for tomcat6	2020-12-01
oval:org.opensuse.security:def:33155	P	libicu-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27275	P	pure-ftpd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28538	P	Security update for coreutils	2020-12-01
oval:org.opensuse.security:def:34938	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:25862	P	Recommended update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:30484	P	Security update for clamav	2020-12-01
oval:org.opensuse.security:def:33300	P	xorg-x11-libXv-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28822	P	Security update for python-lxml	2020-12-01
oval:org.opensuse.security:def:32493	P	bzip2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30781	P	Security update for bind	2020-12-01
oval:org.opensuse.security:def:34142	P	Security update for openldap2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:29115	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:32598	P	python on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32537	P	kdelibs4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26287	P	Security update for zeromq (Moderate)	2020-12-01
oval:org.opensuse.security:def:30889	P	Security update for Mozilla Firefox	2020-12-01
oval:org.cisecurity:def:585	P	DSA-3530-1 -- tomcat6 -- security update	2016-07-01
oval:org.mitre.oval:def:27293	P	ELSA-2014-0865 -- tomcat6 security and bug fix update (moderate)	2014-12-15
oval:org.mitre.oval:def:26971	V	HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Service (DoS) and Other Vulnerabilities	2014-12-15
oval:org.mitre.oval:def:27263	P	ELSA-2014-0827 -- tomcat security update (moderate)	2014-12-15
oval:org.mitre.oval:def:26443	P	SUSE-SU-2014:1015-1 -- Security update for tomcat6	2014-10-27
oval:org.mitre.oval:def:26063	P	USN-2302-1 -- tomcat6, tomcat7 vulnerabilities	2014-09-15
oval:org.mitre.oval:def:24427	P	RHSA-2014:0827: tomcat security update (Moderate)	2014-09-08
oval:org.mitre.oval:def:24883	P	RHSA-2014:0865: tomcat6 security and bug fix update (Moderate)	2014-09-01
oval:com.redhat.rhsa:def:20140865	P	RHSA-2014:0865: tomcat6 security and bug fix update (Moderate)	2014-07-09
oval:com.redhat.rhsa:def:20140827	P	RHSA-2014:0827: tomcat security update (Moderate)	2014-07-02
oval:com.ubuntu.precise:def:20140099000	V	CVE-2014-0099 on Ubuntu 12.04 LTS (precise) - medium.	2014-05-31
oval:com.ubuntu.trusty:def:20140099000	V	CVE-2014-0099 on Ubuntu 14.04 LTS (trusty) - medium.	2014-05-31
oval:com.ubuntu.bionic:def:201400990000000	V	CVE-2014-0099 on Ubuntu 18.04 LTS (bionic) - medium.	2014-05-31
oval:com.ubuntu.artful:def:20140099000	V	CVE-2014-0099 on Ubuntu 17.10 (artful) - medium.	2014-05-31
oval:com.ubuntu.xenial:def:20140099000	V	CVE-2014-0099 on Ubuntu 16.04 LTS (xenial) - medium.	2014-05-31
oval:com.ubuntu.xenial:def:201400990000000	V	CVE-2014-0099 on Ubuntu 16.04 LTS (xenial) - medium.	2014-05-31
oval:com.ubuntu.bionic:def:20140099000	V	CVE-2014-0099 on Ubuntu 18.04 LTS (bionic) - medium.	2014-05-31