Vulnerability CVE-2014-0119 - CERT Civis.Net

Vulnerability Name:

CVE-2014-0119 (CCN-93368)

Assigned:

2013-12-03

Published:

2014-05-27

Updated:

2019-04-15

Summary:

Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

2.1 Low (REDHAT CVSS v2 Vector: AV:N/AC:H/Au:S/C:P/I:N/A:N)
1.6 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:H/Au:S/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

CWE-264
CWE-470

Vulnerability Consequences:

Obtain Information

References:

Source: CONFIRM
Type: UNKNOWN
http://advisories.mageia.org/MGASA-2014-0268.html

Source: MITRE
Type: CNA
CVE-2014-0119

Source: HP
Type: UNKNOWN
HPSBUX03102

Source: HP
Type: UNKNOWN
HPSBOV03503

Source: CCN
Type: RHSA-2014-0843
Moderate: Red Hat JBoss Enterprise Application Platform 6.2.4 security update

Source: CCN
Type: RHSA-2014-1034
Low: tomcat security update

Source: CCN
Type: RHSA-2014-1038
Low: tomcat6 security update

Source: CCN
Type: RHSA-2014-1087
Important: Red Hat JBoss Web Server 2.1.0 update

Source: CCN
Type: RHSA-2014-1088
Important: Red Hat JBoss Web Server 2.1.0 update

Source: REDHAT
Type: UNKNOWN
RHSA-2015:0675

Source: REDHAT
Type: UNKNOWN
RHSA-2015:0720

Source: REDHAT
Type: UNKNOWN
RHSA-2015:0765

Source: FULLDISC
Type: UNKNOWN
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

Source: FULLDISC
Type: UNKNOWN
20140527 [SECURITY] CVE-2014-0119 Apache Tomcat information disclosure

Source: SECUNIA
Type: UNKNOWN
59732

Source: SECUNIA
Type: UNKNOWN
59873

Source: SECUNIA
Type: UNKNOWN
60729

Source: CONFIRM
Type: UNKNOWN
http://svn.apache.org/viewvc?view=revision&revision=1588193

Source: CONFIRM
Type: UNKNOWN
http://svn.apache.org/viewvc?view=revision&revision=1588199

Source: CONFIRM
Type: UNKNOWN
http://svn.apache.org/viewvc?view=revision&revision=1589640

Source: CONFIRM
Type: UNKNOWN
http://svn.apache.org/viewvc?view=revision&revision=1589837

Source: CONFIRM
Type: UNKNOWN
http://svn.apache.org/viewvc?view=revision&revision=1589980

Source: CONFIRM
Type: UNKNOWN
http://svn.apache.org/viewvc?view=revision&revision=1589983

Source: CONFIRM
Type: UNKNOWN
http://svn.apache.org/viewvc?view=revision&revision=1589985

Source: CONFIRM
Type: UNKNOWN
http://svn.apache.org/viewvc?view=revision&revision=1589990

Source: CONFIRM
Type: UNKNOWN
http://svn.apache.org/viewvc?view=revision&revision=1589992

Source: CONFIRM
Type: UNKNOWN
http://svn.apache.org/viewvc?view=revision&revision=1589997

Source: CONFIRM
Type: UNKNOWN
http://svn.apache.org/viewvc?view=revision&revision=1590028

Source: CONFIRM
Type: UNKNOWN
http://svn.apache.org/viewvc?view=revision&revision=1590036

Source: CONFIRM
Type: UNKNOWN
http://svn.apache.org/viewvc?view=revision&revision=1593815

Source: CONFIRM
Type: UNKNOWN
http://svn.apache.org/viewvc?view=revision&revision=1593821

Source: CONFIRM
Type: Vendor Advisory
http://tomcat.apache.org/security-6.html

Source: CCN
Type: Apache Web Site
Fixed in Apache Tomcat 7.0.54

Source: CONFIRM
Type: Vendor Advisory
http://tomcat.apache.org/security-7.html

Source: CONFIRM
Type: Vendor Advisory
http://tomcat.apache.org/security-8.html

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21678231

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21681528

Source: CCN
Type: IBM Security Bulletin 1695800
Tivoli Common Reporting iFixes for CVE-2014-3566,CVE-2014-6145,CVE-2014-1568,CVE-2014-4263,CVE-2014-3513,CVE-2014-3567,CVE-2014-3568,CVE-2014-0107,CVE-2014-0075,CVE-2014-0096,CVE-2014-0099,CVE-2014-0119,CVE-2014-0878,CVE-2014-0460

Source: DEBIAN
Type: UNKNOWN
DSA-3530

Source: DEBIAN
Type: UNKNOWN
DSA-3552

Source: CCN
Type: IBM Security Bulletin N1020714
Vulnerabilities in Tomcat affect Power Hardware Management Console (CVE-2013-4444, CVE-2014-0075, CVE-2014-0095, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119, CVE-2014-0227)

Source: CCN
Type: IBM Security Bulletin 1676983
Security vulnerabilities in Apache Tomcat in Rational DOORS Web Access

Source: CCN
Type: IBM Security Bulletin 1677222
Multiple Apache Tomcat vulnerabilities in IBM Algo Audit and Compliance (CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1677448
IBM OpenPages GRC Platform, multiple vulnerabilities in bundled version of Apache Tomcat

Source: CCN
Type: IBM Security Bulletin 1678231
Rational Lifecycle Adapter for HP ALM Apache Tomcat fix (CVE-2013-4286, CVE-2014-0033, CVE-2013-4322, CVE-2013-4590, CVE-2014-0075, CVE-2014-0095, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1678892
Tivoli Application Dependency Discovery Manager - Open Source Tomcat issues reported between March - May 2014.

Source: CCN
Type: IBM Security Bulletin 1679568
Rational Test Control Panel in Rational Test Workbench and Rational Test Virtualization Server affected by Apache Tomcat vulnerablity (CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1681528
Apache Tomcat Vulnerabilities in IBM UrbanCode Release (CVE-2014-0075,CVE-2014-0095,CVE-2014-0096,CVE-2014-0099,CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1682371
Rational Reporting for Development Intelligence - Open Source Tomcat reported in May 2014 X-Force Report

Source: CCN
Type: IBM Security Bulletin 1682376
Rational Insight - Open Source Tomcat reported in May 2014 X-Force Report

Source: CCN
Type: IBM Security Bulletin 1682393
Apache Tomcat Vulnerabilities in IBM UrbanCode Deploy (CVE-2014-0075,CVE-2014-0095,CVE-2014-0096,CVE-2014-0099,CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1682740
Cognos BI Server is affected by the following vulnerabilities: CVE-2014-0107, CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119, CVE-2014-0878, CVE-2014-0460

Source: CCN
Type: IBM Security Bulletin 1683334
: IBM InfoSphere Guardium Database Activity Monitor is affected by CVE-2014-0075, CVE-2014-0095, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119

Source: CCN
Type: IBM Security Bulletin 1683430
IBM Cognos Metrics Manager is affected by the following Tomcat vulnerabilities: CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119

Source: CCN
Type: IBM Security Bulletin 1683445
IBM Rational Connector for SAP Solution Manager (CVE-2014-0075, CVE-2014-0095, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1684768
Rational Directory Server and Rational Directory Administrator can be affected by vulnerabilities (CVE-2014-4263, CVE-2014-0075, CVE-2014-0096, CVE-2014-0099 and CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1684910
IBM Cognos Business Viewpoint is affected by the following Apache Tomcat vulnerabilities (CVE-2014-0075, CVE-2014-0095, CVE-2014-0096. CVE-2014-0099, CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1686477
Multiple Apache Tomcat vulnerabilities in QRadar (CVE-2014-0075, CVE-2014-0095, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1688095
Security vulnerabilities in Apache Tomcat for WebSphere Application Server Community Edition 2.1.1.6 and 3.0.0.4CVE-2014-0075, CVE-2014-0096 and CVE-2014-0119

Source: CCN
Type: IBM Security Bulletin 1689761
Apache Tomcat vulnerability in Policy Tester (CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1689762
Apache Tomcat vulnerability in AppScan Enterprise (CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1691579
Vulnerabilities in tomcat affect SmartCloud Provisioning 2.1 for IBM Provided Software Virtual Appliance (CVE-2013-4590, CVE-2014-0119)

Source: CCN
Type: IBM Security Bulletin 1692154
Security vulnerabilities in Apache Tomcat affects multiple IBM Rational products based on IBM's Jazz technology (CVE-2014-0075, CVE-2014-0095, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119,)

Source: CCN
Type: IBM Security Bulletin 1692277
IBM Algo One is affected by multiple Open Source Tomcat security vulnerabilities reported in May 2014 X-Force Report (CVE-2014-0096, CVE-2014-0099, CVE-2014-0119).

Source: CCN
Type: IBM Security Bulletin 1693651
Vulnerabilities in Sametime Unified Telephony (OpenSSL: CVE-2014-3508 to CVE-2014-3512, CVE-2014-5139. Apache Tomcat: CVE-2014-0099, CVE-2014-0119, CVE-2013-4444)

Source: CCN
Type: IBM Security Bulletin 1976103
Multiple Security Vulnerabilities in Apache Tomcat affect IBM RLKS Administration and Reporting Tool

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2015:052

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2015:053

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2015:084

Source: CCN
Type: Oracle CPUOct2016
Oracle Critical Patch Update Advisory - October 2016

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Source: CCN
Type: Oracle Critical Patch Update Advisory - October 2014
Oracle Critical Patch Update Advisory - October 2014

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

Source: CCN
Type: OSVDB ID: 107453
Apache Tomcat Crafted XML Parser External Entities Limit Bypass Cross-application Information Disclosure

Source: BUGTRAQ
Type: UNKNOWN
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

Source: BID
Type: UNKNOWN
67669

Source: CCN
Type: BID-67669
Apache Tomcat CVE-2014-0119 XML External Entity Information Disclosure Vulnerability

Source: SECTRACK
Type: UNKNOWN
1030298

Source: UBUNTU
Type: UNKNOWN
USN-2654-1

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/security/advisories/VMSA-2014-0012.html

Source: XF
Type: UNKNOWN
tomcat-cve20140119-info-disc(93368)

Source: CONFIRM
Type: UNKNOWN
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/

Source: CCN
Type: IBM Security Bulletin 6496741 (Sterling B2B Integrator)
Apache Log4j Vulnerabilities Affect IBM Sterling B2B Integrator

Source: CCN
Type: IBM Security Bulletin 6595755 (Disconnected Log Collector)
IBM Disconnected Log Collector is vulnerable to using components with known vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6858013 (Tivoli Application Dependency Discovery Manager)
TADDM affected by multiple vulnerabilities due to Apache Tomcat libraries

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-0119

Vulnerable Configuration:

Configuration 1:

cpe:/a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.1:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.3:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.5:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:apache:tomcat:6:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.1:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.2:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.3:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.4:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.5:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.6:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.7:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.8:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.9:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.10:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.11:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.12:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.13:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.14:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.15:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.16:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.17:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.18:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.19:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.20:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.24:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.26:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.27:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.28:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.29:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.30:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.31:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.32:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.33:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.35:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.36:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.37:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:*:*:*:*:*:*:*:* (Version <= 6.0.39)

Configuration 3:

cpe:/a:apache:tomcat:7.0.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.1:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.2:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.3:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.4:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.5:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.6:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.7:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.8:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.9:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.10:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.11:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.12:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.13:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.14:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.15:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.16:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.17:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.18:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.19:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.20:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.21:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.22:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.23:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.24:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.25:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.26:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.27:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.28:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.29:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.30:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.31:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.32:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.33:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.34:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.35:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.36:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.37:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.38:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.39:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.40:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.41:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.42:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.43:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.44:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.45:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.46:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.47:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.48:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.49:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.50:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.52:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.53:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

Configuration RedHat 10:

cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/a:apache:tomcat:6.0.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:6.0.39:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.52:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.3:*:*:*:*:*:*:*

AND

cpe:/a:ibm:cognos_business_intelligence:8.4.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_policy_tester:8.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:infosphere_guardium:8.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_directory_server:5.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_appscan:8.6:*:*:*:enterprise:*:*:*

OR cpe:/a:ibm:infosphere_guardium:9.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_business_intelligence:10.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_business_intelligence:10.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_business_intelligence:10.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_directory_server:5.2.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_directory_server:5.2.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_directory_server:5.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_directory_server:5.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_directory_server:5.1.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_directory_server:5.1.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_insight:1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_insight:1.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_insight:1.1.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_appscan:8.7.0.0:-:enterprise:*:*:*:*:*

OR cpe:/a:ibm:cognos_business_intelligence:10.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:smartcloud_provisioning:2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_appscan:8.8:*:*:*:enterprise:*:*:*

OR cpe:/a:ibm:rational_reporting:2.0:*:*:*:development_intelligence:*:*:*

OR cpe:/a:ibm:rational_reporting:2.0.1:*:*:*:development_intelligence:*:*:*

OR cpe:/a:ibm:rational_reporting:2.0.3:*:*:*:development_intelligence:*:*:*

OR cpe:/a:ibm:rational_reporting:2.0.4:*:*:*:development_intelligence:*:*:*

OR cpe:/a:ibm:rational_reporting:2.0.5:*:*:*:development_intelligence:*:*:*

OR cpe:/a:ibm:rational_reporting:2.0.6:*:*:*:development_intelligence:*:*:*

OR cpe:/a:ibm:rational_directory_server:6.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_directory_server:6.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.1.0.2:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_hpc_node:7:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode:6.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode:6.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode:6.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:algo_audit_and_compliance:2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_business_viewpoint:10.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_business_viewpoint:10.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode:6.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode:6.0.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode:6.0.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode:6.0.1.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:algo_one:4.9:*:*:*:*:*:*:*

OR cpe:/a:ibm:algo_one:5.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_appscan:9.0:*:*:*:enterprise:*:*:*

OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:smartcloud_provisioning:2.1.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:3.0.0.4:-:community:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:3.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:infosphere_guardium:9.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:3.0.1.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:5.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:algo_one:4.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:algo_one:4.7.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:algo_one:4.8:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.0.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.0.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.0.1.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_connector:4:*:*:*:sap_solution_manager:*:*:*

OR cpe:/a:ibm:openpages_grc_platform:6.0.1.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:openpages_grc_platform:6.1.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_reporting:5.0:*:*:*:development_intelligence:*:*:*

OR cpe:/a:ibm:rational_insight:1.1.1.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:algo_one:4.9.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_insight:1.1.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_insight:1.1.1.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.0.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.0.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.0.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.0.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.0.1.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.0.1.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.5.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_test_workbench:8.5.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.0.1.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.0.1.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode_deploy:6.1.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:urbancode:6.0.1.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:1.4.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:1.4.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:1.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:1.5.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:9.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:9.5.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:9.5.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:9.5.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:9.5.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:9.5.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:9.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors_web_access:9.6.0.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_workstation:7:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_common_reporting:2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_common_reporting:2.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_common_reporting:3.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_common_reporting:3.1.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_common_reporting:3.1.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.8:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.9:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_b2b_integrator:5.2.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.3.0.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20140119	V	CVE-2014-0119	2022-05-20
oval:org.opensuse.security:def:34607	P	Security update for the Linux Kernel (Important)	2021-12-02
oval:org.opensuse.security:def:32232	P	Security update for webkit2gtk3 (Important)	2021-12-01
oval:org.opensuse.security:def:34005	P	Security update for xen (Moderate)	2021-12-01
oval:org.opensuse.security:def:30132	P	Security update for libqt5-qtbase (Important)	2021-09-30
oval:org.opensuse.security:def:32999	P	Security update for grilo (Important)	2021-09-09
oval:org.opensuse.security:def:30121	P	Security update for openexr (Important)	2021-09-02
oval:org.opensuse.security:def:30120	P	Security update for bind (Moderate)	2021-08-30
oval:org.opensuse.security:def:34517	P	Security update for openssl-1_1 (Important)	2021-08-24
oval:org.opensuse.security:def:32145	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:34460	P	Security update for the Linux Kernel (Important)	2021-06-09
oval:org.opensuse.security:def:36312	P	tomcat6-6.0.41-0.43.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42719	P	tomcat6-6.0.41-0.43.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:30206	P	Security update for MozillaFirefox (Important)	2021-06-08
oval:org.opensuse.security:def:26065	P	Security update for polkit (Important)	2021-06-03
oval:org.opensuse.security:def:32912	P	Security update for python36 (Moderate)	2021-05-04
oval:org.opensuse.security:def:32088	P	Security update for bind (Important)	2021-05-04
oval:org.opensuse.security:def:31609	P	Security update for sudo (Important)	2021-04-20
oval:org.opensuse.security:def:28963	P	Security update for openssl (Moderate)	2021-03-24
oval:org.opensuse.security:def:34044	P	Security update for wavpack (Important)	2021-03-24
oval:org.opensuse.security:def:26203	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:26146	P	Security update for python3 (Important)	2021-02-08
oval:org.opensuse.security:def:29956	P	Security update for xen (Important)	2020-12-10
oval:org.opensuse.security:def:35620	P	openssh-5.1p1-41.31.36 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35661	P	OpenEXR-1.6.1-83.17.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:31778	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:29257	P	Security update for tomcat6 (Important)	2020-12-01
oval:org.opensuse.security:def:32761	P	pam on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26540	P	enscript on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31864	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:34766	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26637	P	ruby on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28527	P	Security update for wget (Moderate)	2020-12-01
oval:org.opensuse.security:def:34912	P	Security update for e2fsprogs (Moderate)	2020-12-01
oval:org.opensuse.security:def:25861	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:30427	P	Security update for xorg-x11-libs (Moderate)	2020-12-01
oval:org.opensuse.security:def:33261	P	strongswan on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28737	P	Security update for lcms2	2020-12-01
oval:org.opensuse.security:def:32444	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:25937	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:30726	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:33367	P	Security update for sblim-sfcb (Moderate)	2020-12-01
oval:org.opensuse.security:def:34131	P	Security update for ntp (Important)	2020-12-01
oval:org.opensuse.security:def:32554	P	libltdl7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32536	P	kdelibs3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30869	P	Security update for evolution-data-server	2020-12-01
oval:org.opensuse.security:def:34362	P	Security update for tcpdump	2020-12-01
oval:org.opensuse.security:def:29218	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:33275	P	tomcat6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32626	P	OpenEXR on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26491	P	Security update for nextcloud (Moderate)	2020-12-01
oval:org.opensuse.security:def:31571	P	Security update for strongswan (Moderate)	2020-12-01
oval:org.opensuse.security:def:31790	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:29318	P	Security update for compat-openssl097g	2020-12-01
oval:org.opensuse.security:def:26593	P	libnetpbm10 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28526	P	Security update for wget (Moderate)	2020-12-01
oval:org.opensuse.security:def:34873	P	Security update for CUPS	2020-12-01
oval:org.opensuse.security:def:30338	P	Security update for transfig (Low)	2020-12-01
oval:org.opensuse.security:def:33212	P	nagios-plugins on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27310	P	tomcat6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28606	P	Security update for Xen	2020-12-01
oval:org.opensuse.security:def:32388	P	Security update for tomcat6 (Important)	2020-12-01
oval:org.opensuse.security:def:34982	P	Security update for ghostscript-library (Moderate)	2020-12-01
oval:org.opensuse.security:def:25873	P	Security update for libcares2 (Low)	2020-12-01
oval:org.opensuse.security:def:30571	P	Security update for libxslt	2020-12-01
oval:org.opensuse.security:def:33323	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:34130	P	Security update for ntp (Important)	2020-12-01
oval:org.opensuse.security:def:28879	P	security update for xen (Moderate)	2020-12-01
oval:org.opensuse.security:def:32532	P	java-1_4_2-ibm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30830	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:34226	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:29169	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:33236	P	ppc64-diag on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32548	P	libarchive2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26438	P	Security update for ansible (Moderate)	2020-12-01
oval:org.opensuse.security:def:30933	P	Recommended update for ghostscript-library (Important)	2020-12-01
oval:org.opensuse.security:def:31779	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:29274	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:32855	P	evince on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26579	P	libMagickCore1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31996	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:34824	P	Security update for augeas (Moderate)	2020-12-01
oval:org.opensuse.security:def:29992	P	Security update for tomcat6	2020-12-01
oval:org.opensuse.security:def:33155	P	libicu-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27275	P	pure-ftpd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28538	P	Security update for coreutils	2020-12-01
oval:org.opensuse.security:def:34938	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:25862	P	Recommended update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:30484	P	Security update for clamav	2020-12-01
oval:org.opensuse.security:def:33300	P	xorg-x11-libXv-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28822	P	Security update for python-lxml	2020-12-01
oval:org.opensuse.security:def:32493	P	bzip2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30781	P	Security update for bind	2020-12-01
oval:org.opensuse.security:def:34142	P	Security update for openldap2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:29115	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:32598	P	python on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32537	P	kdelibs4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26287	P	Security update for zeromq (Moderate)	2020-12-01
oval:org.opensuse.security:def:30889	P	Security update for Mozilla Firefox	2020-12-01
oval:org.cisecurity:def:585	P	DSA-3530-1 -- tomcat6 -- security update	2016-07-01
oval:org.mitre.oval:def:27179	P	ELSA-2014-1034 -- tomcat security update (low)	2014-12-15
oval:org.mitre.oval:def:27228	P	ELSA-2014-1038 -- tomcat6 security update (low)	2014-12-15
oval:org.mitre.oval:def:26443	P	SUSE-SU-2014:1015-1 -- Security update for tomcat6	2014-10-27
oval:org.mitre.oval:def:26183	P	RHSA-2014:1034: tomcat security update (Low)	2014-10-13
oval:org.mitre.oval:def:26374	P	RHSA-2014:1038: tomcat6 security update (Low)	2014-10-13
oval:com.redhat.rhsa:def:20141038	P	RHSA-2014:1038: tomcat6 security update (Low)	2014-08-11
oval:com.redhat.rhsa:def:20141034	P	RHSA-2014:1034: tomcat security update (Low)	2014-08-07
oval:com.ubuntu.xenial:def:20140119000	V	CVE-2014-0119 on Ubuntu 16.04 LTS (xenial) - low.	2014-05-31
oval:com.ubuntu.cosmic:def:20140119000	V	CVE-2014-0119 on Ubuntu 18.10 (cosmic) - low.	2014-05-31
oval:com.ubuntu.cosmic:def:201401190000000	V	CVE-2014-0119 on Ubuntu 18.10 (cosmic) - low.	2014-05-31
oval:com.ubuntu.precise:def:20140119000	V	CVE-2014-0119 on Ubuntu 12.04 LTS (precise) - low.	2014-05-31
oval:com.ubuntu.bionic:def:201401190000000	V	CVE-2014-0119 on Ubuntu 18.04 LTS (bionic) - low.	2014-05-31
oval:com.ubuntu.artful:def:20140119000	V	CVE-2014-0119 on Ubuntu 17.10 (artful) - low.	2014-05-31
oval:com.ubuntu.trusty:def:20140119000	V	CVE-2014-0119 on Ubuntu 14.04 LTS (trusty) - low.	2014-05-31
oval:com.ubuntu.xenial:def:201401190000000	V	CVE-2014-0119 on Ubuntu 16.04 LTS (xenial) - low.	2014-05-31
oval:com.ubuntu.bionic:def:20140119000	V	CVE-2014-0119 on Ubuntu 18.04 LTS (bionic) - low.	2014-05-31