Vulnerabilities > Apache > Tomcat Native > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-31 CVE-2018-8020 Improper Certificate Validation vulnerability in multiple products
Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists (multiple entries) of certificate statuses.
network
high complexity
debian apache CWE-295
7.4
7.4
2018-07-31 CVE-2018-8019 Improper Certificate Validation vulnerability in multiple products
When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not correctly handle invalid responses.
network
high complexity
debian apache CWE-295
7.4
7.4