Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

The security breach is in the Apache JServ Protocol (AJP). This breach allows an intruder, to read files and code in the webapps folder. In some cases, the breach allows to upload executable code.

Affected Versions

Apache Tomcat version 6.x (all versions)

Apache Tomcat version 7.x (before version 7.0.100)

Apache Tomcat version 8.x (before version 8.5.51)

Apache Tomcat version 9.x (before version 9.0.31)

How can I fix it?

You can fix the breach by installing the versions Apache Tomcat version 7.0.100 , 8.5.51 or 9.0.31.

  • No labels