RHSA-2023:6570
- Source
- https://access.redhat.com/errata/RHSA-2023:6570
- Import Source
- https://security.access.redhat.com/data/osv/RHSA-2023:6570.json
- JSON Data
- https://api.osv.dev/v1/vulns/RHSA-2023:6570
- Related
- Published
- 2024-09-20T14:38:47Z
- Modified
- 2024-10-22T00:41:36Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Red Hat Security Advisory: tomcat security and bug fix update
- Details
- References
-
- https://access.redhat.com/errata/RHSA-2023:6570
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.3_release_notes/index
- https://bugzilla.redhat.com/show_bug.cgi?id=2172298
- https://bugzilla.redhat.com/show_bug.cgi?id=2173872
- https://bugzilla.redhat.com/show_bug.cgi?id=2180856
- https://bugzilla.redhat.com/show_bug.cgi?id=2184133
- https://bugzilla.redhat.com/show_bug.cgi?id=2189675
- https://bugzilla.redhat.com/show_bug.cgi?id=2210321
- https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6570.json
- https://access.redhat.com/security/cve/CVE-2023-24998
- https://www.cve.org/CVERecord?id=CVE-2023-24998
- https://nvd.nist.gov/vuln/detail/CVE-2023-24998
- https://commons.apache.org/proper/commons-fileupload/security-reports.html#Fixed_in_Apache_Commons_FileUpload_1.5
- https://access.redhat.com/security/cve/CVE-2023-28708
- https://www.cve.org/CVERecord?id=CVE-2023-28708
- https://nvd.nist.gov/vuln/detail/CVE-2023-28708
- https://bz.apache.org/bugzilla/show_bug.cgi?id=66471
- https://lists.apache.org/thread/hdksc59z3s7tm39x0pp33mtwdrt8qr67
- https://access.redhat.com/security/cve/CVE-2023-28709
- https://www.cve.org/CVERecord?id=CVE-2023-28709
- https://nvd.nist.gov/vuln/detail/CVE-2023-28709
- https://lists.apache.org/thread/7wvxonzwb7k9hx9jt3q33cmy7j97jo3j
Affected packages
Red Hat:enterprise_linux:9::appstream / tomcat
Package
- Name
- tomcat
- Purl
- pkg:rpm/redhat/tomcat
Red Hat:enterprise_linux:9::appstream / tomcat-admin-webapps
Package
- Name
- tomcat-admin-webapps
- Purl
- pkg:rpm/redhat/tomcat-admin-webapps
Red Hat:enterprise_linux:9::appstream / tomcat-docs-webapp
Package
- Name
- tomcat-docs-webapp
- Purl
- pkg:rpm/redhat/tomcat-docs-webapp
Red Hat:enterprise_linux:9::appstream / tomcat-el-3.0-api
Package
- Name
- tomcat-el-3.0-api
- Purl
- pkg:rpm/redhat/tomcat-el-3.0-api
Red Hat:enterprise_linux:9::appstream / tomcat-jsp-2.3-api
Package
- Name
- tomcat-jsp-2.3-api
- Purl
- pkg:rpm/redhat/tomcat-jsp-2.3-api
Red Hat:enterprise_linux:9::appstream / tomcat-lib
Package
- Name
- tomcat-lib
- Purl
- pkg:rpm/redhat/tomcat-lib
Red Hat:enterprise_linux:9::appstream / tomcat-servlet-4.0-api
Package
- Name
- tomcat-servlet-4.0-api
- Purl
- pkg:rpm/redhat/tomcat-servlet-4.0-api