CVE-2018-1305

First published: Fri Feb 23 2018(Updated: )

Apache Tomcat versions 7.0.0 to 7.0.84, 8.0.0.RC1 to 8.0.49 and 8.5.0 to 8.5.27 only apply security constraints defined by Servlets once those Servlets are loaded. Depending on the order that Servlets load, some security constraints may not be applied leading to unintended resource exposure. External References: <a href="https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85">https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85</a> <a href="https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50">https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50</a> <a href="https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28">https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28</a> Upstream Fixes: Tomcat 7.0.x: <a href="http://svn.apache.org/viewvc?view=rev&rev=1823322">http://svn.apache.org/viewvc?view=rev&rev=1823322</a> <a href="http://svn.apache.org/viewvc?view=rev&rev=1824360">http://svn.apache.org/viewvc?view=rev&rev=1824360</a> Tomcat 8.0.x: <a href="http://svn.apache.org/viewvc?view=rev&rev=1823319">http://svn.apache.org/viewvc?view=rev&rev=1823319</a> <a href="http://svn.apache.org/viewvc?view=rev&rev=1824359">http://svn.apache.org/viewvc?view=rev&rev=1824359</a> Tomcat 8.5.x: <a href="http://svn.apache.org/viewvc?view=rev&rev=1823314">http://svn.apache.org/viewvc?view=rev&rev=1823314</a> <a href="http://svn.apache.org/viewvc?view=rev&rev=1824358">http://svn.apache.org/viewvc?view=rev&rev=1824358</a>

Credit: security@apache.org security@apache.org security@apache.org

Affected Software	Affected Version	How to fix
redhat/tomcat	<0:7.0.76-9.el7	0:7.0.76-9.el7
redhat/tomcat7	<0:7.0.70-25.ep7.el6	0:7.0.70-25.ep7.el6
redhat/tomcat8	<0:8.0.36-29.ep7.el6	0:8.0.36-29.ep7.el6
redhat/tomcat-native	<0:1.2.8-11.redhat_11.ep7.el6	0:1.2.8-11.redhat_11.ep7.el6
redhat/tomcat-vault	<0:1.1.6-1.Final_redhat_1.1.ep7.el6	0:1.1.6-1.Final_redhat_1.1.ep7.el6
redhat/tomcat7	<0:7.0.70-25.ep7.el7	0:7.0.70-25.ep7.el7
redhat/tomcat8	<0:8.0.36-29.ep7.el7	0:8.0.36-29.ep7.el7
redhat/tomcat-native	<0:1.2.8-11.redhat_11.ep7.el7	0:1.2.8-11.redhat_11.ep7.el7
redhat/tomcat-vault	<0:1.1.6-1.Final_redhat_1.1.ep7.el7	0:1.1.6-1.Final_redhat_1.1.ep7.el7
Apache Tomcat	>=7.0.0<=7.0.84
Apache Tomcat	>=8.0.0<=8.0.49
Apache Tomcat	=8.0.0-rc1
Apache Tomcat	=8.0.0-rc10
Apache Tomcat	=8.0.0-rc3
Apache Tomcat	=8.0.0-rc5
Apache Tomcat	=9.0.0
Apache Tomcat	=9.0.0-m1
Apache Tomcat	=9.0.0-m10
Apache Tomcat	=9.0.0-m11
Apache Tomcat	=9.0.0-m12
Apache Tomcat	=9.0.0-m13
Apache Tomcat	=9.0.0-m14
Apache Tomcat	=9.0.0-m15
Apache Tomcat	=9.0.0-m16
Apache Tomcat	=9.0.0-m17
Apache Tomcat	=9.0.0-m18
Apache Tomcat	=9.0.0-m19
Apache Tomcat	=9.0.0-m2
Apache Tomcat	=9.0.0-m20
Apache Tomcat	=9.0.0-m21
Apache Tomcat	=9.0.0-m22
Apache Tomcat	=9.0.0-m23
Apache Tomcat	=9.0.0-m24
Apache Tomcat	=9.0.0-m25
Apache Tomcat	=9.0.0-m26
Apache Tomcat	=9.0.0-m27
Apache Tomcat	=9.0.0-m3
Apache Tomcat	=9.0.0-m4
Apache Tomcat	=9.0.0-m5
Apache Tomcat	=9.0.0-m6
Apache Tomcat	=9.0.0-m7
Apache Tomcat	=9.0.0-m8
Apache Tomcat	=9.0.0-m9
Apache Tomcat	=9.0.1
Apache Tomcat	=9.0.2
Apache Tomcat	=9.0.3
Apache Tomcat	=9.0.4
Apache Tomcat	>=8.5.0<=8.5.27
Debian Debian Linux	=7.0
Debian Debian Linux	=8.0
Debian Debian Linux	=9.0
Canonical Ubuntu Linux	=14.04
Canonical Ubuntu Linux	=16.04
Canonical Ubuntu Linux	=17.10
Canonical Ubuntu Linux	=18.04
Oracle Fusion Middleware	=12.2.1.3.0
Oracle Managed File Transfer	=12.1.3.0.0
Oracle Managed File Transfer	=12.2.1.3.0
Oracle Micros Relate Crm Software	=11.4
Apache Tomcat	=9.0.0-milestone1
Apache Tomcat	=9.0.0-milestone10
Apache Tomcat	=9.0.0-milestone11
Apache Tomcat	=9.0.0-milestone12
Apache Tomcat	=9.0.0-milestone13
Apache Tomcat	=9.0.0-milestone14
Apache Tomcat	=9.0.0-milestone15
Apache Tomcat	=9.0.0-milestone16
Apache Tomcat	=9.0.0-milestone17
Apache Tomcat	=9.0.0-milestone18
Apache Tomcat	=9.0.0-milestone19
Apache Tomcat	=9.0.0-milestone2
Apache Tomcat	=9.0.0-milestone20
Apache Tomcat	=9.0.0-milestone21
Apache Tomcat	=9.0.0-milestone22
Apache Tomcat	=9.0.0-milestone23
Apache Tomcat	=9.0.0-milestone24
Apache Tomcat	=9.0.0-milestone25
Apache Tomcat	=9.0.0-milestone26
Apache Tomcat	=9.0.0-milestone27
Apache Tomcat	=9.0.0-milestone3
Apache Tomcat	=9.0.0-milestone4
Apache Tomcat	=9.0.0-milestone5
Apache Tomcat	=9.0.0-milestone6
Apache Tomcat	=9.0.0-milestone7
Apache Tomcat	=9.0.0-milestone8
Apache Tomcat	=9.0.0-milestone9
redhat/tomcat	<7.0.85	7.0.85
redhat/tomcat	<8.0.50	8.0.50
redhat/tomcat	<8.5.28	8.5.28
maven/org.apache.tomcat.embed:tomcat-embed-core	>=9.0.0M1<=9.0.4	9.0.5
maven/org.apache.tomcat.embed:tomcat-embed-core	>=7.0.0<=7.0.84	7.0.85
maven/org.apache.tomcat.embed:tomcat-embed-core	>=8.5.0<=8.5.27	8.5.28
debian/tomcat9		9.0.43-2~deb11u10 9.0.70-2 9.0.95-1

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

collector/redhat-cve
collector/nvd-index
collector/nvd-api
agent/type
agent/first-publish-date
collector/launchpad-cve
source/Launchpad
agent/severity
agent/weakness
agent/author
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2018-1305
agent/software-canonical-lookup
collector/nvd-cve
source/NVD
agent/description
agent/event
collector/github-advisory-latest
source/GitHub
alias/GHSA-jx6h-3fjx-cgv5
agent/last-modified-date
collector/github-advisory
agent/remedy
agent/references
agent/tags
collector/security-tracker-debian
source/Debian
agent/softwarecombine
collector/usn-cve
source/Ubuntu
package-manager/redhat
vendor/apache
canonical/apache tomcat
version/apache tomcat/7.0.0
version/apache tomcat/7.0.84
version/apache tomcat/8.0.0
version/apache tomcat/8.0.49
version/apache tomcat/8.0.0-rc1
version/apache tomcat/8.0.0-rc10
version/apache tomcat/8.0.0-rc3
version/apache tomcat/8.0.0-rc5
version/apache tomcat/9.0.0
version/apache tomcat/9.0.0-m1
version/apache tomcat/9.0.0-m10
version/apache tomcat/9.0.0-m11
version/apache tomcat/9.0.0-m12
version/apache tomcat/9.0.0-m13
version/apache tomcat/9.0.0-m14
version/apache tomcat/9.0.0-m15
version/apache tomcat/9.0.0-m16
version/apache tomcat/9.0.0-m17
version/apache tomcat/9.0.0-m18
version/apache tomcat/9.0.0-m19
version/apache tomcat/9.0.0-m2
version/apache tomcat/9.0.0-m20
version/apache tomcat/9.0.0-m21
version/apache tomcat/9.0.0-m22
version/apache tomcat/9.0.0-m23
version/apache tomcat/9.0.0-m24
version/apache tomcat/9.0.0-m25
version/apache tomcat/9.0.0-m26
version/apache tomcat/9.0.0-m27
version/apache tomcat/9.0.0-m3
version/apache tomcat/9.0.0-m4
version/apache tomcat/9.0.0-m5
version/apache tomcat/9.0.0-m6
version/apache tomcat/9.0.0-m7
version/apache tomcat/9.0.0-m8
version/apache tomcat/9.0.0-m9
version/apache tomcat/9.0.1
version/apache tomcat/9.0.2
version/apache tomcat/9.0.3
version/apache tomcat/9.0.4
version/apache tomcat/8.5.0
version/apache tomcat/8.5.27
vendor/debian
canonical/debian debian linux
version/debian debian linux/7.0
version/debian debian linux/8.0
version/debian debian linux/9.0
vendor/canonical
canonical/canonical ubuntu linux
version/canonical ubuntu linux/14.04
version/canonical ubuntu linux/16.04
version/canonical ubuntu linux/17.10
version/canonical ubuntu linux/18.04
vendor/oracle
canonical/oracle fusion middleware
version/oracle fusion middleware/12.2.1.3.0
canonical/oracle managed file transfer
version/oracle managed file transfer/12.1.3.0.0
version/oracle managed file transfer/12.2.1.3.0
canonical/oracle micros relate crm software
version/oracle micros relate crm software/11.4
version/apache tomcat/9.0.0-milestone1
version/apache tomcat/9.0.0-milestone10
version/apache tomcat/9.0.0-milestone11
version/apache tomcat/9.0.0-milestone12
version/apache tomcat/9.0.0-milestone13
version/apache tomcat/9.0.0-milestone14
version/apache tomcat/9.0.0-milestone15
version/apache tomcat/9.0.0-milestone16
version/apache tomcat/9.0.0-milestone17
version/apache tomcat/9.0.0-milestone18
version/apache tomcat/9.0.0-milestone19
version/apache tomcat/9.0.0-milestone2
version/apache tomcat/9.0.0-milestone20
version/apache tomcat/9.0.0-milestone21
version/apache tomcat/9.0.0-milestone22
version/apache tomcat/9.0.0-milestone23
version/apache tomcat/9.0.0-milestone24
version/apache tomcat/9.0.0-milestone25
version/apache tomcat/9.0.0-milestone26
version/apache tomcat/9.0.0-milestone27
version/apache tomcat/9.0.0-milestone3
version/apache tomcat/9.0.0-milestone4
version/apache tomcat/9.0.0-milestone5
version/apache tomcat/9.0.0-milestone6
version/apache tomcat/9.0.0-milestone7
version/apache tomcat/9.0.0-milestone8
version/apache tomcat/9.0.0-milestone9
package-manager/maven
package-manager/debian

CVE-2018-1305

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Company

Resources

Contact