CVE-2018-1305
First published: Fri Feb 23 2018(Updated: )
Apache Tomcat versions 7.0.0 to 7.0.84, 8.0.0.RC1 to 8.0.49 and 8.5.0 to 8.5.27 only apply security constraints defined by Servlets once those Servlets are loaded. Depending on the order that Servlets load, some security constraints may not be applied leading to unintended resource exposure. External References: <a href="https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85">https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85</a> <a href="https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50">https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50</a> <a href="https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28">https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28</a> Upstream Fixes: Tomcat 7.0.x: <a href="http://svn.apache.org/viewvc?view=rev&rev=1823322">http://svn.apache.org/viewvc?view=rev&rev=1823322</a> <a href="http://svn.apache.org/viewvc?view=rev&rev=1824360">http://svn.apache.org/viewvc?view=rev&rev=1824360</a> Tomcat 8.0.x: <a href="http://svn.apache.org/viewvc?view=rev&rev=1823319">http://svn.apache.org/viewvc?view=rev&rev=1823319</a> <a href="http://svn.apache.org/viewvc?view=rev&rev=1824359">http://svn.apache.org/viewvc?view=rev&rev=1824359</a> Tomcat 8.5.x: <a href="http://svn.apache.org/viewvc?view=rev&rev=1823314">http://svn.apache.org/viewvc?view=rev&rev=1823314</a> <a href="http://svn.apache.org/viewvc?view=rev&rev=1824358">http://svn.apache.org/viewvc?view=rev&rev=1824358</a>
Credit: security@apache.org security@apache.org security@apache.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/tomcat | <0:7.0.76-9.el7 | 0:7.0.76-9.el7 |
| redhat/tomcat7 | <0:7.0.70-25.ep7.el6 | 0:7.0.70-25.ep7.el6 |
| redhat/tomcat8 | <0:8.0.36-29.ep7.el6 | 0:8.0.36-29.ep7.el6 |
| redhat/tomcat-native | <0:1.2.8-11.redhat_11.ep7.el6 | 0:1.2.8-11.redhat_11.ep7.el6 |
| redhat/tomcat-vault | <0:1.1.6-1.Final_redhat_1.1.ep7.el6 | 0:1.1.6-1.Final_redhat_1.1.ep7.el6 |
| redhat/tomcat7 | <0:7.0.70-25.ep7.el7 | 0:7.0.70-25.ep7.el7 |
| redhat/tomcat8 | <0:8.0.36-29.ep7.el7 | 0:8.0.36-29.ep7.el7 |
| redhat/tomcat-native | <0:1.2.8-11.redhat_11.ep7.el7 | 0:1.2.8-11.redhat_11.ep7.el7 |
| redhat/tomcat-vault | <0:1.1.6-1.Final_redhat_1.1.ep7.el7 | 0:1.1.6-1.Final_redhat_1.1.ep7.el7 |
| redhat/tomcat | <7.0.85 | 7.0.85 |
| redhat/tomcat | <8.0.50 | 8.0.50 |
| redhat/tomcat | <8.5.28 | 8.5.28 |
| maven/org.apache.tomcat.embed:tomcat-embed-core | >=9.0.0M1<=9.0.4 | 9.0.5 |
| maven/org.apache.tomcat.embed:tomcat-embed-core | >=7.0.0<=7.0.84 | 7.0.85 |
| maven/org.apache.tomcat.embed:tomcat-embed-core | >=8.5.0<=8.5.27 | 8.5.28 |
| Tomcat | >=7.0.0<=7.0.84 | |
| Tomcat | >=8.0.0<=8.0.49 | |
| Tomcat | =8.0.0-rc1 | |
| Tomcat | =8.0.0-rc10 | |
| Tomcat | =8.0.0-rc3 | |
| Tomcat | =8.0.0-rc5 | |
| Tomcat | =9.0.0 | |
| Tomcat | =9.0.0-milestone1 | |
| Tomcat | =9.0.0-milestone10 | |
| Tomcat | =9.0.0-milestone11 | |
| Tomcat | =9.0.0-milestone12 | |
| Tomcat | =9.0.0-milestone13 | |
| Tomcat | =9.0.0-milestone14 | |
| Tomcat | =9.0.0-milestone15 | |
| Tomcat | =9.0.0-milestone16 | |
| Tomcat | =9.0.0-milestone17 | |
| Tomcat | =9.0.0-milestone18 | |
| Tomcat | =9.0.0-milestone19 | |
| Tomcat | =9.0.0-milestone2 | |
| Tomcat | =9.0.0-milestone20 | |
| Tomcat | =9.0.0-milestone21 | |
| Tomcat | =9.0.0-milestone22 | |
| Tomcat | =9.0.0-milestone23 | |
| Tomcat | =9.0.0-milestone24 | |
| Tomcat | =9.0.0-milestone25 | |
| Tomcat | =9.0.0-milestone26 | |
| Tomcat | =9.0.0-milestone27 | |
| Tomcat | =9.0.0-milestone3 | |
| Tomcat | =9.0.0-milestone4 | |
| Tomcat | =9.0.0-milestone5 | |
| Tomcat | =9.0.0-milestone6 | |
| Tomcat | =9.0.0-milestone7 | |
| Tomcat | =9.0.0-milestone8 | |
| Tomcat | =9.0.0-milestone9 | |
| Tomcat | =9.0.1 | |
| Tomcat | =9.0.2 | |
| Tomcat | =9.0.3 | |
| Tomcat | =9.0.4 | |
| Tomcat | >=8.5.0<=8.5.27 | |
| Debian Linux | =7.0 | |
| Debian Linux | =8.0 | |
| Debian Linux | =9.0 | |
| Ubuntu | =14.04 | |
| Ubuntu | =16.04 | |
| Ubuntu | =17.10 | |
| Ubuntu | =18.04 | |
| Oracle Fusion Middleware | =12.2.1.3.0 | |
| Oracle Managed File Transfer | =12.1.3.0.0 | |
| Oracle Managed File Transfer | =12.2.1.3.0 | |
| Oracle Micros Relate Customer Relationship Management Software | =11.4 | |
| Tomcat | =9.0.0-m1 | |
| Tomcat | =9.0.0-m10 | |
| Tomcat | =9.0.0-m11 | |
| Tomcat | =9.0.0-m12 | |
| Tomcat | =9.0.0-m13 | |
| Tomcat | =9.0.0-m14 | |
| Tomcat | =9.0.0-m15 | |
| Tomcat | =9.0.0-m16 | |
| Tomcat | =9.0.0-m17 | |
| Tomcat | =9.0.0-m18 | |
| Tomcat | =9.0.0-m19 | |
| Tomcat | =9.0.0-m2 | |
| Tomcat | =9.0.0-m20 | |
| Tomcat | =9.0.0-m21 | |
| Tomcat | =9.0.0-m22 | |
| Tomcat | =9.0.0-m23 | |
| Tomcat | =9.0.0-m24 | |
| Tomcat | =9.0.0-m25 | |
| Tomcat | =9.0.0-m26 | |
| Tomcat | =9.0.0-m27 | |
| Tomcat | =9.0.0-m3 | |
| Tomcat | =9.0.0-m4 | |
| Tomcat | =9.0.0-m5 | |
| Tomcat | =9.0.0-m6 | |
| Tomcat | =9.0.0-m7 | |
| Tomcat | =9.0.0-m8 | |
| Tomcat | =9.0.0-m9 | |
| debian/tomcat9 | 9.0.43-2~deb11u10 9.0.43-2~deb11u12 9.0.70-2 9.0.95-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2018-1305 https://nvd.nist.gov/vuln/detail/CVE-2018-1305 https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50 https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28
- https://bugzilla.redhat.com/show_bug.cgi?id=1548282
- https://access.redhat.com/errata/RHSA-2019:2205
- https://access.redhat.com/errata/RHSA-2018:2939
- https://access.redhat.com/errata/RHSA-2018:0465
- https://access.redhat.com/errata/RHSA-2018:0466
- https://access.redhat.com/errata/RHSA-2018:1320
- https://access.redhat.com/security/cve/cve-2018-1305
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- http://www.securityfocus.com/bid/103144
- http://www.securitytracker.com/id/1040428
- https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/d3354bb0a4eda4acc0a66f3eb24a213fdb75d12c7d16060b23e65781@%3Cannounce.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E
- https://lists.debian.org/debian-lts-announce/2018/03/msg00004.html
- https://lists.debian.org/debian-lts-announce/2018/06/msg00008.html
- https://lists.debian.org/debian-lts-announce/2018/07/msg00044.html
- https://security.netapp.com/advisory/ntap-20180706-0001/
- https://usn.ubuntu.com/3665-1/
- https://www.debian.org/security/2018/dsa-4281
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
- https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/d3354bb0a4eda4acc0a66f3eb24a213fdb75d12c7d16060b23e65781%40%3Cannounce.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
- https://launchpad.net/bugs/cve/CVE-2018-1305
- https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85
- https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50
- https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28
- http://svn.apache.org/viewvc?view=rev&rev=1823322
- http://svn.apache.org/viewvc?view=rev&rev=1824360
- http://svn.apache.org/viewvc?view=rev&rev=1823319
- http://svn.apache.org/viewvc?view=rev&rev=1824359
- http://svn.apache.org/viewvc?view=rev&rev=1823314
- http://svn.apache.org/viewvc?view=rev&rev=1824358
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1548283
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1548284
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1550284
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1550282
- https://access.redhat.com/support/policy/updates/jboss_notes
- https://nvd.nist.gov/vuln/detail/CVE-2018-1305
- https://web.archive.org/web/20200227030042/http://www.securityfocus.com/bid/103144
- https://web.archive.org/web/20200516094320/http://www.securitytracker.com/id/1040428
- https://github.com/apache/tomcat/commit/2349801827f09fb6582a8afdeca704294106ad9a
- https://github.com/apache/tomcat/commit/2aac69f694d42d9219eb27018b3da0ae1bdd73ab
- https://github.com/apache/tomcat/commit/3e54b2a6314eda11617ff7a7b899c251e222b1a1
- https://github.com/apache/tomcat/commit/4d637bc3986e5d09b9363e2144b8ba74fa6eac3a
- https://github.com/apache/tomcat/commit/c63b96d72cd39287e17b2ba698f4eee0ba508073
- https://github.com/apache/tomcat/commit/de6b4fd58b64828f374503b9ec76a12017b92895
- https://security.netapp.com/advisory/ntap-20180706-0001
- https://usn.ubuntu.com/3665-1
- https://github.com/advisories/GHSA-jx6h-3fjx-cgv5 (Advisory)
- https://svn.apache.org/r1823314
- https://svn.apache.org/r1824358
- https://svn.apache.org/r1823319
- https://svn.apache.org/r1824359
- https://svn.apache.org/r1823322
- https://svn.apache.org/r1824360
- https://security-tracker.debian.org/tracker/CVE-2018-1305
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305
- https://ubuntu.com/security/CVE-2018-1305
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the severity of CVE-2018-1305?
CVE-2018-1305 is classified as a moderate severity vulnerability.
How do I fix CVE-2018-1305?
To fix CVE-2018-1305, upgrade Apache Tomcat to versions 7.0.85, 8.0.50, or 8.5.28 or later.
What versions of Apache Tomcat are affected by CVE-2018-1305?
CVE-2018-1305 affects Apache Tomcat versions 7.0.0 to 7.0.84, 8.0.0.RC1 to 8.0.49, and 8.5.0 to 8.5.27.
What type of vulnerability is CVE-2018-1305?
CVE-2018-1305 is a vulnerability that may lead to unintended resource exposure depending on the order in which Servlets are loaded.
Is there a workaround for CVE-2018-1305?
There are no recommended workarounds for CVE-2018-1305, the best course of action is to apply the necessary updates.
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/severity
- agent/weakness
- agent/author
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2018-1305
- agent/software-canonical-lookup
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-jx6h-3fjx-cgv5
- collector/github-advisory
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/remedy
- agent/description
- agent/event
- agent/last-modified-date
- agent/trending
- agent/source
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-cve
- source/NVD
- collector/nvd-index
- agent/softwarecombine
- agent/tags
- collector/security-tracker-debian
- source/Debian
- package-manager/redhat
- package-manager/maven
- vendor/apache
- canonical/tomcat
- version/tomcat/7.0.0
- version/tomcat/7.0.84
- version/tomcat/8.0.0
- version/tomcat/8.0.49
- version/tomcat/8.0.0-rc1
- version/tomcat/8.0.0-rc10
- version/tomcat/8.0.0-rc3
- version/tomcat/8.0.0-rc5
- version/tomcat/9.0.0
- version/tomcat/9.0.0-milestone1
- version/tomcat/9.0.0-milestone10
- version/tomcat/9.0.0-milestone11
- version/tomcat/9.0.0-milestone12
- version/tomcat/9.0.0-milestone13
- version/tomcat/9.0.0-milestone14
- version/tomcat/9.0.0-milestone15
- version/tomcat/9.0.0-milestone16
- version/tomcat/9.0.0-milestone17
- version/tomcat/9.0.0-milestone18
- version/tomcat/9.0.0-milestone19
- version/tomcat/9.0.0-milestone2
- version/tomcat/9.0.0-milestone20
- version/tomcat/9.0.0-milestone21
- version/tomcat/9.0.0-milestone22
- version/tomcat/9.0.0-milestone23
- version/tomcat/9.0.0-milestone24
- version/tomcat/9.0.0-milestone25
- version/tomcat/9.0.0-milestone26
- version/tomcat/9.0.0-milestone27
- version/tomcat/9.0.0-milestone3
- version/tomcat/9.0.0-milestone4
- version/tomcat/9.0.0-milestone5
- version/tomcat/9.0.0-milestone6
- version/tomcat/9.0.0-milestone7
- version/tomcat/9.0.0-milestone8
- version/tomcat/9.0.0-milestone9
- version/tomcat/9.0.1
- version/tomcat/9.0.2
- version/tomcat/9.0.3
- version/tomcat/9.0.4
- version/tomcat/8.5.0
- version/tomcat/8.5.27
- vendor/debian
- canonical/debian linux
- version/debian linux/7.0
- version/debian linux/8.0
- version/debian linux/9.0
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/14.04
- version/ubuntu/16.04
- version/ubuntu/17.10
- version/ubuntu/18.04
- vendor/oracle
- canonical/oracle fusion middleware
- version/oracle fusion middleware/12.2.1.3.0
- canonical/oracle managed file transfer
- version/oracle managed file transfer/12.1.3.0.0
- version/oracle managed file transfer/12.2.1.3.0
- canonical/oracle micros relate customer relationship management software
- version/oracle micros relate customer relationship management software/11.4
- version/tomcat/9.0.0-m1
- version/tomcat/9.0.0-m10
- version/tomcat/9.0.0-m11
- version/tomcat/9.0.0-m12
- version/tomcat/9.0.0-m13
- version/tomcat/9.0.0-m14
- version/tomcat/9.0.0-m15
- version/tomcat/9.0.0-m16
- version/tomcat/9.0.0-m17
- version/tomcat/9.0.0-m18
- version/tomcat/9.0.0-m19
- version/tomcat/9.0.0-m2
- version/tomcat/9.0.0-m20
- version/tomcat/9.0.0-m21
- version/tomcat/9.0.0-m22
- version/tomcat/9.0.0-m23
- version/tomcat/9.0.0-m24
- version/tomcat/9.0.0-m25
- version/tomcat/9.0.0-m26
- version/tomcat/9.0.0-m27
- version/tomcat/9.0.0-m3
- version/tomcat/9.0.0-m4
- version/tomcat/9.0.0-m5
- version/tomcat/9.0.0-m6
- version/tomcat/9.0.0-m7
- version/tomcat/9.0.0-m8
- version/tomcat/9.0.0-m9
- package-manager/debian