{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-03T12:17:55.010","vulnerabilities":[{"cve":{"id":"CVE-2016-8735","sourceIdentifier":"security@apache.org","published":"2017-04-06T21:59:00.243","lastModified":"2026-04-21T17:03:44.873","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types."},{"lang":"es","value":"La ejecución remota de código es posible con Apache Tomcat en versiones anteriores a 6.0.48, 7.x en versiones anteriores a 7.0.73, 8.x en versiones anteriores a 8.0.39, 8.5.x en versiones anteriores a 8.5.7 y 9.x en versiones anteriores a 9.0.0.M12 si JmxRemoteLifecycleListener es utilizado y un atacante puede llegar a los puertos JMX. El problema existe porque este oyente no se actualizó por coherencia con el parche de Oracle CVE-2016-3427 que afectó a los tipos de credenciales."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"cisaExploitAdd":"2023-05-12","cisaActionDue":"2023-06-02","cisaRequiredAction":"Apply updates per vendor instructions.","cisaVulnerabilityName":"Apache Tomcat Remote Code Execution Vulnerability","weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*","versionEndExcluding":"6.0.48","matchCriteriaId":"BDAB7E8F-98DA-43F2-B2AE-F0C5F1581B4A"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.73","matchCriteriaId":"39AB06BF-6948-44FA-AE78-CDEF64D7B771"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0","versionEndExcluding":"8.0.39","matchCriteriaId":"FBC4F54A-F99A-4B1A-AAE4-0C64950C118D"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*","versionStartIncluding":"8.5.0","versionEndExcluding":"8.5.7","matchCriteriaId":"EE43E8ED-8C32-42AF-A76F-8731C0F8DE7D"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:9.0.0:-:*:*:*:*:*:*","matchCriteriaId":"67BBBD83-E232-4198-9748-C512D9E0EEDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*","matchCriteriaId":"9D0689FE-4BC0-4F53-8C79-34B21F9B86C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*","matchCriteriaId":"89B129B2-FB6F-4EF9-BF12-E589A87996CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*","matchCriteriaId":"8B6787B6-54A8-475E-BA1C-AB99334B2535"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*","matchCriteriaId":"9F542E12-6BA8-4504-A494-DA83E7E19BD5"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*","matchCriteriaId":"C0C5F004-F7D8-45DB-B173-351C50B0EC16"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*","matchCriteriaId":"D1902D2E-1896-4D3D-9E1C-3A675255072C"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*","matchCriteriaId":"49AAF4DF-F61D-47A8-8788-A21E317A145D"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*","matchCriteriaId":"454211D0-60A2-4661-AECA-4C0121413FEB"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*","matchCriteriaId":"0686F977-889F-4960-8E0B-7784B73A7F2D"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*","matchCriteriaId":"558703AE-DB5E-4DFF-B497-C36694DD7B24"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*","matchCriteriaId":"ED6273F2-1165-47A4-8DD7-9E9B2472941B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","matchCriteriaId":"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:7-mode_transition_tool:-:*:*:*:*:*:*:*","matchCriteriaId":"7EF6650C-558D-45C8-AE7D-136EE70CB6D7"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*","matchCriteriaId":"F1BE6C1F-2565-4E97-92AA-16563E5660A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*","matchCriteriaId":"3BD81527-A341-42C3-9AB9-880D3DB04B08"},{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*","matchCriteriaId":"9F4754FB-E3EB-454A-AB1A-AE3835C5350C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*","matchCriteriaId":"8E2F2F98-DB90-43F6-8F28-3656207B6188"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:agile_engineering_data_management:6.1.3:*:*:*:*:*:*:*","matchCriteriaId":"61C5D278-11E5-4A2F-9860-6FFA579398CD"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:agile_engineering_data_management:6.2.0:*:*:*:*:*:*:*","matchCriteriaId":"1B21D189-0E7D-4878-91A0-BE38A4ABA1FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:agile_engineering_data_management:6.2.1.0:*:*:*:*:*:*:*","matchCriteriaId":"80C9DBB8-3D50-4D5D-859A-B022EB7C2E64"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:agile_plm:9.3.5:*:*:*:*:*:*:*","matchCriteriaId":"ED43772F-D280-42F6-A292-7198284D6FE7"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*","matchCriteriaId":"C650FEDB-E903-4C2D-AD40-282AB5F2E3C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_application_session_controller:3.7.1:*:*:*:*:*:*:*","matchCriteriaId":"CC967A48-D834-4E9B-8CEC-057E7D5B8174"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_application_session_controller:3.8.0:*:*:*:*:*:*:*","matchCriteriaId":"F920CDE4-DF29-4611-93E9-A386C89EDB62"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1:*:*:*:*:*:*:*","matchCriteriaId":"622B95F1-8FA4-4AA6-9B68-5FE4302BA150"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.0:*:*:*:*:*:*:*","matchCriteriaId":"C510CE66-DD71-45C8-B678-9BD81EC7FFBB"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.1:*:*:*:*:*:*:*","matchCriteriaId":"BF0A211C-7C3D-46AE-B525-890A9194C422"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_interactive_session_recorder:6.2:*:*:*:*:*:*:*","matchCriteriaId":"B1AD7C68-81DF-4332-AEB3-B368E0221F52"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*","matchCriteriaId":"1A3DC116-2844-47A1-BEC2-D0675DD97148"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*","matchCriteriaId":"E0F1DF3E-0F2D-4EFC-9A3E-F72149C8AE94"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:micros_relate_crm_software:10.8:*:*:*:*:*:*:*","matchCriteriaId":"BDE82F56-65B9-490B-8096-037ADD9819AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:micros_relate_crm_software:11.4:*:*:*:*:*:*:*","matchCriteriaId":"EE3A1A04-5AAE-40D9-842A-8B46211C5D95"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.0.1:*:*:*:*:*:*:*","matchCriteriaId":"78933DD0-F774-4E60-BC66-D5A57919717A"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.5.0:*:*:*:*:*:*:*","matchCriteriaId":"8ECA7A7E-8177-4FD4-B9B9-F4B1B6F43F98"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.6.0:*:*:*:*:*:*:*","matchCriteriaId":"73C9A2AD-F384-44D5-AB33-86B7250760A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.7.7:*:*:*:*:*:*:*","matchCriteriaId":"CD8F1BF2-C047-4296-815B-B21A2A673DFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.8.0:*:*:*:*:*:*:*","matchCriteriaId":"FA3F5761-E2A0-4F67-BAE1-503877676BF3"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.8.1:*:*:*:*:*:*:*","matchCriteriaId":"C1E3C86B-4483-430A-856D-7EAB7D388D2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*","versionEndIncluding":"3.2.8.2223","matchCriteriaId":"CC2D40A0-F2F0-476C-959E-39CA64B430ED"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*","versionStartIncluding":"3.3.0","versionEndIncluding":"3.3.4.3247","matchCriteriaId":"C992CCD1-54C9-4BC2-876F-7A5D76571DEA"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*","versionStartIncluding":"3.4.0","versionEndIncluding":"3.4.2.4181","matchCriteriaId":"BEBB610E-4FE2-41C2-B3A3-D67077A60F82"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:retail_convenience_and_fuel_pos_software:2.1.132:*:*:*:*:*:*:*","matchCriteriaId":"DA5B8931-D3B4-46A9-B1A0-9A6BBA365FC8"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:transportation_management:6.3.0:*:*:*:*:*:*:*","matchCriteriaId":"231DDD84-5AF3-4F0D-81D8-DA0F942E78F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:transportation_management:6.3.1:*:*:*:*:*:*:*","matchCriteriaId":"E7A714FB-050A-4040-BC57-C22FA4DD58D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:transportation_management:6.3.2:*:*:*:*:*:*:*","matchCriteriaId":"A775321B-6DFB-4770-8F6D-D34D655438AF"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:transportation_management:6.3.3:*:*:*:*:*:*:*","matchCriteriaId":"835BB7D9-633C-4CB3-8E8F-CA6FD62E587A"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:transportation_management:6.3.4:*:*:*:*:*:*:*","matchCriteriaId":"48FE41BA-1E3C-4626-930F-3F8FEE124A78"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:transportation_management:6.3.5:*:*:*:*:*:*:*","matchCriteriaId":"40F284EF-05CF-4CF5-B7CA-F58AE01DA3B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:transportation_management:6.3.6:*:*:*:*:*:*:*","matchCriteriaId":"C09892E8-D580-488A-A80E-B358D682A25A"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:transportation_management:6.3.7:*:*:*:*:*:*:*","matchCriteriaId":"A58642E0-CA59-4DE6-A83C-F551FC621C32"}]}]}],"references":[{"url":"http://rhn.redhat.com/errata/RHSA-2017-0457.html","source":"security@apache.org","tags":["Third Party Advisory"]},{"url":"http://seclists.org/oss-sec/2016/q4/502","source":"security@apache.org","tags":["Mailing List","Mitigation","Third Party Advisory"]},{"url":"http://svn.apache.org/viewvc?view=revision&revision=1767644","source":"security@apache.org","tags":["Broken Link","Patch"]},{"url":"http://svn.apache.org/viewvc?view=revision&revision=1767656","source":"security@apache.org","tags":["Broken Link","Patch"]},{"url":"http://svn.apache.org/viewvc?view=revision&revision=1767676","source":"security@apache.org","tags":["Broken Link","Patch"]},{"url":"http://svn.apache.org/viewvc?view=revision&revision=1767684","source":"security@apache.org","tags":["Broken Link","Patch"]},{"url":"http://tomcat.apache.org/security-6.html","source":"security@apache.org","tags":["Release Notes","Vendor Advisory"]},{"url":"http://tomcat.apache.org/security-7.html","source":"security@apache.org","tags":["Release Notes","Vendor Advisory"]},{"url":"http://tomcat.apache.org/security-8.html","source":"security@apache.org","tags":["Release Notes","Vendor Advisory"]},{"url":"http://tomcat.apache.org/security-9.html","source":"security@apache.org","tags":["Release Notes","Vendor Advisory"]},{"url":"http://www.debian.org/security/2016/dsa-3738","source":"security@apache.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html","source":"security@apache.org","tags":["Patch","Third Party Advisory"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","source":"security@apache.org","tags":["Patch","Third Party Advisory"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html","source":"security@apache.org","tags":["Patch","Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/94463","source":"security@apache.org","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1037331","source":"security@apache.org","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2017:0455","source":"security@apache.org","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2017:0456","source":"security@apache.org","tags":["Third Party Advisory"]},{"url":"https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E","source":"security@apache.org","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E","source":"security@apache.org","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E","source":"security@apache.org","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E","source":"security@apache.org","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E","source":"security@apache.org","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E","source":"security@apache.org","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E","source":"security@apache.org","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E","source":"security@apache.org","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E","source":"security@apache.org","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E","source":"security@apache.org","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E","source":"security@apache.org","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E","source":"security@apache.org","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E","source":"security@apache.org","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E","source":"security@apache.org","tags":["Mailing List","Patch"]},{"url":"https://security.netapp.com/advisory/ntap-20180607-0001/","source":"security@apache.org","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/4557-1/","source":"security@apache.org","tags":["Third Party Advisory"]},{"url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","source":"security@apache.org","tags":["Patch","Third Party Advisory"]},{"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","source":"security@apache.org","tags":["Patch","Third Party Advisory"]},{"url":"http://rhn.redhat.com/errata/RHSA-2017-0457.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://seclists.org/oss-sec/2016/q4/502","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Mitigation","Third Party Advisory"]},{"url":"http://svn.apache.org/viewvc?view=revision&revision=1767644","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Patch"]},{"url":"http://svn.apache.org/viewvc?view=revision&revision=1767656","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Patch"]},{"url":"http://svn.apache.org/viewvc?view=revision&revision=1767676","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Patch"]},{"url":"http://svn.apache.org/viewvc?view=revision&revision=1767684","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Patch"]},{"url":"http://tomcat.apache.org/security-6.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]},{"url":"http://tomcat.apache.org/security-7.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]},{"url":"http://tomcat.apache.org/security-8.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]},{"url":"http://tomcat.apache.org/security-9.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]},{"url":"http://www.debian.org/security/2016/dsa-3738","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/94463","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1037331","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2017:0455","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2017:0456","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]},{"url":"https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]},{"url":"https://security.netapp.com/advisory/ntap-20180607-0001/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/4557-1/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-8735","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}}]}