Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2016-6797
Description:The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2016-6797
BugTraq ID: 93940
Debian Security Information: DSA-3720 (Google Search)
RedHat Security Advisories: RHSA-2017:0455
RedHat Security Advisories: RHSA-2017:0456
RedHat Security Advisories: RHSA-2017:0457
RedHat Security Advisories: RHSA-2017:2247

© 1998-2021 E-Soft Inc. All rights reserved.