Amazon Linux 2 : tomcat (ALAS-2023-2020)

Language:

Version 1.4 Dec 12, 2024, 9:55 AM CVSS metrics ("Cvssv4 score" set to 0.0) CVSSv2 severity (based on None, severity decreased from "High" to "Low") Detection (updated detection logic) Plugin metadata Plugin Feed: 202412120955
Version 1.3 Sep 16, 2023, 12:10 AM CVE (set "CVE" coverage to "CVE-2017-12616,CVE-2023-28708") Plugin metadata Plugin Feed: 202309160010
Version 1.2 May 25, 2023, 5:09 PM IAVM reference Plugin Feed: 202305251709
Version 1.1 May 17, 2023, 12:01 PM CVE (set "CVE" coverage to "CVE-2017-12616") CVSS metrics ("CVSSv3 score" changed from 4.3 to 7.5. "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N") CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C") CVSSv2 score source (changed from "CVE-2023-28708" to "CVE-2017-12616") CVSSv3 score source (set to "CVE-2017-12616") CVSSv3 severity (based on CVE-2017-12616, severity increased from "Medium" to "High") Exploit attributes ("Exploit available" set to "True". "Exploit framework d2 elliot" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin metadata Plugin Feed: 202305171201
Version 1.0 May 3, 2023, 2:04 AM New Plugin Feed: 202305030204

* Changelogs are generally available for changes made after Nov 1, 2022