Common Vulnerabilities & Exposures (CVE) Survival Guide

In 2 years Tomitribe support has patched over 80 CVEs on Apache Tomcat, TomEE & ActiveMQ.

Our teams work together to make surviving the frequency of CVEs possible.

CVEs are not black and white. Knowledge of both the app and server is required to truly determine risk and appropriate reaction.

POWERED BY

Sonatype Nexus Lifecycle

Sonatype & Tomitribe: Working Together

Read our Case Study

Vulnerability Playbook

Scan

365 days a year we automatically scan your exact versions of Tomcat, TomEE or ActiveMQ.

Discover & Notify

Vulnerabilities receive immediate attention from our support team & support tickets are created on your behalf in our portal.

Assess & React

We work collaboratively to help determine if your application is affected & backed by our support team, you react appropriately & own risk confidently

Patch & Rollout

The Tomitribe Support team immediately begins work on a patch for your version, new binaries are posted to your open ticket, & can be rolled out immediately.

Keeping up to date?

Check if you are using an affected version of Apache Tomcat or Apache TomEE & get a patch.

CVEs

Severity

CVE-2020-1938 - AJP / Ghostcat

HIGH 9.8

Versions Affected

CVE-2020-1935 - HTTP Request Smuggling - incorrect header parsing

MEDIUM 4.8

Versions Affected

CVE-2019-17569 - HTTP Request Smuggling - incorrect transfer-encoding handling

MEDIUM 4.8

Versions Affected

CVE-2019-17563 - Session Fixation

HIGH 7.5

Versions Affected

CVE-2019-12418 - JMX Remote Lifecycle Listener

HIGH 7.5

Versions Affected

Common Vulnerabilities & Exposures (CVE) Survival Guide

In 2 years Tomitribe support has patched over 80 CVEs on Apache Tomcat, TomEE & ActiveMQ.

Our teams work together to make surviving the frequency of CVEs possible.

CVEs are not black and white. Knowledge of both the app and server is required to truly determine risk and appropriate reaction.

POWERED BY

Sonatype Nexus Lifecycle

Sonatype & Tomitribe: Working Together

Read our Case Study

Vulnerability Playbook

Scan

Discover & Notify

Assess & React

Patch & Rollout

Keeping up to date?

Scanned for Vulnerabilities lately?

Contact us & see how we can help.

First name ^*
Last name ^*
Email ^*
Company ^*
How did you hear about Tomitribe? ^*
Tell us more ^*

^* These fields are required.

Tomitribe

Services

Tribestream

Common Vulnerabilities & Exposures (CVE) Survival Guide

In 2 years Tomitribe support has patched over 80 CVEs on Apache Tomcat, TomEE & ActiveMQ.

Our teams work together to make surviving the frequency of CVEs possible.

CVEs are not black and white. Knowledge of both the app and server is required to truly determine risk and appropriate reaction.

POWERED BY

Sonatype Nexus Lifecycle

Sonatype & Tomitribe: Working Together

Read our Case Study

Vulnerability Playbook

Scan

Discover & Notify

Assess & React

Patch & Rollout

Keeping up to date?

Scanned for Vulnerabilities lately?

Contact us & see how we can help.

First name * Last name * Email * Company * How did you hear about Tomitribe? * BlogsConference/Event TalkColleague ReferralSocial MediaSearch EngineOpen Source (please be specific)Other (please be specific) Tell us more * * These fields are required.

Tomitribe

Services

Tribestream

First name ^*
Last name ^*
Email ^*
Company ^*
How did you hear about Tomitribe? ^*
Tell us more ^*

^* These fields are required.