CVEs-PoC/2018/CVE-2018-8034.md at 32a1806d562cf6da8b70706d96ce8fff29b3bbdb

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-27 14:32:30 +02:00

Files

T

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88.

POC

Reference

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Github

https://github.com/ilmari666/cybsec
https://github.com/tomoyamachi/gocarts
https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough
https://github.com/yixiangding/YixiangDing-ShuangHu

1.2 KiB Raw Blame History

CVE-2018-8034

Description

POC

Reference

Github

1.2 KiB

Raw Blame History