CVE-2018-11784

Published: 4 October 2018

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice.

Priority

CVSS 3 base score: 4.3

Status

Package	Release	Status
tomcat6 Launchpad, Ubuntu, Debian	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	eoan	Does not exist
	focal	Does not exist
	groovy	Does not exist
	hirsute	Does not exist
	impish	Does not exist
	jammy	Does not exist
	precise	Ignored (end of ESM support, was needed)
	trusty	Needed
	upstream	Needed
	xenial	Ignored (end of standard support, was needed)
tomcat7 Launchpad, Ubuntu, Debian	bionic	Needed
	cosmic	Ignored (reached end-of-life)
	disco	Does not exist
	eoan	Does not exist
	focal	Does not exist
	groovy	Does not exist
	hirsute	Does not exist
	impish	Does not exist
	jammy	Does not exist
	precise	Does not exist
	trusty	Released (7.0.52-1ubuntu0.16)
	upstream	Released (7.0.91)
	xenial	Ignored (end of standard support, was needed)
tomcat8 Launchpad, Ubuntu, Debian	bionic	Released (8.5.39-1ubuntu1~18.04.1)
	cosmic	Released (8.5.39-1ubuntu1~18.10)
	disco	Does not exist
	eoan	Does not exist
	focal	Does not exist
	groovy	Does not exist
	hirsute	Does not exist
	impish	Does not exist
	jammy	Does not exist
	precise	Does not exist
	trusty	Does not exist
	upstream	Released (8.5.34)
	xenial	Released (8.0.32-1ubuntu1.8)
tomcat8.0 Launchpad, Ubuntu, Debian	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	eoan	Does not exist
	focal	Does not exist
	groovy	Does not exist
	hirsute	Does not exist
	impish	Does not exist
	jammy	Does not exist
	precise	Does not exist
	trusty	Does not exist
	upstream	Needs triage
	xenial	Does not exist

CVE-2018-11784

Medium

Status

References

Bugs

Join the discussion

Canonical is offering Extended Security Maintenance

Further reading