CVE-2016-1240
tomcat8 - security update
EPSS 22.2%
How to fix CVE-2016-1240
To remediate CVE-2016-1240, upgrade the affected package to a fixed version below.
- Debian/tomcat6—upgrade to 6.0.45+dfsg-1~deb7u2 or later
- Debian/tomcat7—upgrade to 7.0.28-4+deb7u6 or later
- Debian/tomcat7—upgrade to 7.0.56-3+deb8u4 or later
- Debian/tomcat8—upgrade to 8.0.14-1+deb8u3 or later
Is CVE-2016-1240 being exploited?
Moderate — EPSS is 22.2%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (4)
- from 0, < 6.0.45+dfsg-1~deb7u2
- from 0, < 7.0.28-4+deb7u6
- from 0, < 7.0.56-3+deb8u4
- from 0, < 8.0.14-1+deb8u3