Apache Tomcat

254 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-43515
>= 7.0.0 and <= 7.0.109
Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomca
9.1 CRITICAL
CVE-2026-43514
>= 7.0.0 and <= 7.0.109
Observable Timing Discrepancy vulnerability when comparing AJP secret in Apache Tomcat. This issue affects Apache Tomcat: from 1
3.7 LOW
CVE-2026-43513
>= 7.0.0 and <= 7.0.109
Improper Handling of Case Sensitivity vulnerability in LockOutRealm in Apache Tomcat. This issue affects Apache Tomcat: from 11.0
7.5 HIGH
CVE-2026-43512
>= 7.0.0 and <= 7.0.109
DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. This issue affects Apache Tomca
9.8 CRITICAL
CVE-2026-42498
>= 7.0.0 and <= 7.0.109
Exposure of HTTP Authentication Header to unexpected hosts during WebSocket authentication vulnerability in Apache Tomcat. This i
7.3 HIGH
CVE-2026-41293
>= 8.5.0 and <= 8.5.100
Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from
9.8 CRITICAL
CVE-2026-41284
>= 4.0.0 and <= 7.0.109
Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.
7.5 HIGH
CVE-2026-34500
>= 9.0.92 and < 9.0.117
CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled and FFM is used in Apache Tomca
6.5 MEDIUM
CVE-2026-34487
>= 9.0.13 and < 9.0.117
Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat e
7.5 HIGH
CVE-2026-34486
all versions
Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the
7.5 HIGH
CVE-2026-34483
>= 9.0.40 and < 9.0.117
Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve component of Apache Tomcat. This issue affects Ap
7.5 HIGH
CVE-2026-32990
>= 9.0.113 and < 9.0.116
Improper Input Validation vulnerability in Apache Tomcat due to an incomplete fix of CVE-2025-66614. This issue affects Apache To
5.3 MEDIUM
CVE-2026-29146
>= 7.0.100 and <= 7.0.109
Padding Oracle vulnerability in Apache Tomcat's EncryptInterceptor with default configuration. This issue affects Apache Tomcat:
7.5 HIGH
CVE-2026-29145
>= 9.0.83 and < 9.0.116
CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled vulnerability in Apache Tomcat,
9.1 CRITICAL
CVE-2026-29129
>= 9.0.114 and < 9.0.116
Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 t
7.5 HIGH
CVE-2026-25854
>= 9.0.1 and < 9.0.116
Occasional URL redirection to untrusted Site ('Open Redirect') vulnerability in Apache Tomcat via the LoadBalancerDrainingValve.
6.1 MEDIUM
CVE-2026-24880
>= 9.0.0 and < 9.0.116
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in Apache Tomcat via invalid chunk
7.5 HIGH
CVE-2026-24734
>= 9.0.83 and < 9.0.115
Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native (and
7.5 HIGH
CVE-2026-24733
>= 9.0.1 and < 9.0.113
Improper Input Validation vulnerability in Apache Tomcat. Tomcat did not limit HTTP/0.9 requests to the GET method. If a securit
3.7 LOW
CVE-2025-66614
>= 9.0.1 and < 9.0.113
Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through
9.1 CRITICAL
CVE-2025-61795
>= 8.5.0 and <= 8.5.100
Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred (including exceeding limits) during th
5.3 MEDIUM
CVE-2025-55754
>= 8.5.60 and <= 8.5.100
Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. Tomcat did not escape ANSI escape s
9.6 CRITICAL
CVE-2025-55752
>= 8.5.6 and <= 8.5.100
Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten U
7.5 HIGH
CVE-2025-55668
>= 9.0.1 and < 9.0.106
Session Fixation vulnerability in Apache Tomcat via rewrite valve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.
6.5 MEDIUM
CVE-2025-48989
>= 9.0.1 and < 9.0.108
Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack. This is
7.5 HIGH
CVE-2025-53506
>= 9.0.0 and <= 9.0.106
Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings fram
7.5 HIGH
CVE-2025-52520
>= 9.0.0 and < 9.0.107
For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a DoS via b
7.5 HIGH
CVE-2025-52434
>= 9.0.0 and < 9.0.107
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Tomcat when us
7.5 HIGH
CVE-2025-49125
>= 9.0.0 and < 9.0.106
Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat. When using PreResources or PostResource
7.5 HIGH
CVE-2025-49124
>= 9.0.23 and < 9.0.106
Untrusted Search Path vulnerability in Apache Tomcat installer for Windows. During installation, the Tomcat installer for Windows
8.4 HIGH
CVE-2025-48988
>= 9.0.0 and < 9.0.106
Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.
7.5 HIGH
CVE-2025-46701
>= 9.0.0 and < 9.0.105
Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's CGI servlet allows security constraint bypass of security c
7.3 HIGH
CVE-2025-31651
>= 9.0.0 and < 9.0.104
Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite ru
9.8 CRITICAL
CVE-2025-31650
>= 9.0.76 and < 9.0.104
Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted
7.5 HIGH
CVE-2025-24813
< 9.0.99
Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious con
9.8 CRITICAL
CVE-2024-56337
>= 9.0.0 and < 9.0.98
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M
9.8 CRITICAL
CVE-2024-54677
>= 9.0.0 and < 9.0.98
Uncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of ser
5.3 MEDIUM
CVE-2024-50379
>= 9.0.0 and < 9.0.98
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case ins
9.8 CRITICAL
CVE-2024-52318
all versions
Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96.
6.1 MEDIUM
CVE-2024-52317
>= 9.0.92 and < 9.0.96
Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the request and response used by HT
6.5 MEDIUM
CVE-2024-52316
>= 9.0.0 and < 9.0.96
Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly
9.8 CRITICAL
CVE-2024-38286
>= 9.0.13 and < 9.0.90
Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.
8.6 HIGH
CVE-2024-34750
>= 9.0.0 and < 9.0.90
Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an
7.5 HIGH
CVE-2024-24549
>= 8.5.0 and < 8.5.99
Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 r
7.5 HIGH
CVE-2024-23672
>= 8.5.0 and < 8.5.99
Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket c
6.3 MEDIUM
CVE-2024-21733
>= 8.5.7 and < 8.5.64
Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from
5.3 MEDIUM
CVE-2023-46589
>= 8.5.0 and < 8.5.96
Improper Input Validation vulnerability in Apache Tomcat. Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15,
7.5 HIGH
CVE-2023-45648
>= 8.5.0 and < 8.5.94
Improper Input Validation vulnerability in Apache Tomcat. Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13
5.3 MEDIUM
CVE-2023-42795
>= 8.5.0 and < 8.5.94
Incomplete Cleanup vulnerability in Apache Tomcat. When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through
5.3 MEDIUM
CVE-2023-42794
>= 8.5.85 and < 8.5.94
Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 thr
5.9 MEDIUM
CVE-2023-44487
>= 8.5.0 and <= 8.5.93
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams q
7.5 HIGH
CVE-2023-41080
>= 8.5.0 and <= 8.5.92
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat. This issue affects
6.1 MEDIUM
CVE-2023-34981
all versions
A regression in the fix for bug 66512 in Apache Tomcat 11.0.0-M5, 10.1.8, 9.0.74 and 8.5.88 meant that, if a response did not incl
7.5 HIGH
CVE-2023-28709
>= 8.5.85 and <= 8.5.87
The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85
7.5 HIGH
CVE-2023-28708
>= 8.5.0 and < 8.5.86
When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header
4.3 MEDIUM
CVE-2022-45143
>= 9.0.40 and < 9.0.69
The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or des
7.5 HIGH
CVE-2022-42252
>= 8.5.0 and < 8.5.83
If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0 was configured to ignore invalid
7.5 HIGH
CVE-2021-43980
>= 8.5.0 and <= 8.5.77
The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards expose
3.7 LOW
CVE-2022-34305
>= 8.5.50 and <= 8.5.81
In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication exam
6.1 MEDIUM
CVE-2022-25762
>= 8.5.0 and < 8.5.76
If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.
8.6 HIGH
CVE-2022-29885
>= 8.5.38 and <= 8.5.78
The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the En
7.5 HIGH
CVE-2022-23181
>= 8.5.55 and <= 8.5.73
The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.
7.0 HIGH
CVE-2021-42340
>= 8.5.60 and < 8.5.72
The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71
7.5 HIGH
CVE-2021-41079
>= 8.5.0 and < 8.5.64
Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tom
7.5 HIGH
CVE-2021-33037
>= 8.5.0 and <= 8.5.66
Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding reque
5.3 MEDIUM
CVE-2021-30640
>= 7.0.0 and < 7.0.109
A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or
6.5 MEDIUM
CVE-2021-30639
all versions
A vulnerability in Apache Tomcat allows an attacker to remotely trigger a denial of service. An error introduced as part of a chan
7.5 HIGH
CVE-2021-25329
>= 7.0.0 and <= 7.0.107
The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0
7.0 HIGH
CVE-2021-25122
>= 8.5.0 and <= 8.5.61
When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61
7.5 HIGH
CVE-2021-24122
>= 7.0.0 and <= 7.0.106
When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1
5.9 MEDIUM
CVE-2020-17527
>= 8.5.1 and <= 8.5.59
While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59
7.5 HIGH
CVE-2020-13943
all versions
If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed
4.3 MEDIUM
CVE-2020-13935
>= 7.0.27 and <= 7.0.104
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8
7.5 HIGH
CVE-2020-13934
>= 8.5.1 and <= 8.5.56
An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/
7.5 HIGH
CVE-2020-8022
< 8.0.53-29.32.1
An Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Serve
7.7 HIGH
CVE-2020-11996
>= 8.5.0 and <= 8.5.55
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.
7.5 HIGH
CVE-2020-9484
>= 7.0.0 and < 7.0.108
When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attack
7.0 HIGH
CVE-2020-1938
>= 7.0.0 and < 7.0.100
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats
9.8 CRITICAL
CVE-2020-1935
>= 7.0.0 and <= 7.0.99
In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-l
4.8 MEDIUM
CVE-2019-17569
>= 7.0.98 and <= 7.0.99
The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The resu
4.8 MEDIUM
CVE-2019-12418
>= 7.0.0 and <= 7.0.97
When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a l
7.0 HIGH
CVE-2019-17563
>= 7.0.0 and <= 7.0.98
When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow windo
7.5 HIGH
CVE-2019-10072
>= 8.5.0 and <= 8.5.40
The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat version
7.5 HIGH
CVE-2019-0221
>= 7.0.0 and <= 7.0.93
The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data with
6.1 MEDIUM
CVE-2019-2684
>= 7.0.0 and <= 7.0.97
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affect
5.9 MEDIUM
CVE-2019-0232
>= 7.0.0 and <= 7.0.93
When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39
8.1 HIGH
CVE-2019-0199
>= 8.5.0 and <= 8.5.37
The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with excessive numbers of SETTI
7.5 HIGH
CVE-2018-11784
>= 7.0.23 and <= 7.0.90
When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to
4.3 MEDIUM
CVE-2018-8037
>= 8.5.5 and <= 8.5.31
If an async request was completed by the application at the same time as the container triggered the async timeout, a race conditi
5.9 MEDIUM
CVE-2018-1336
>= 7.0.28 and <= 7.0.86
An improper handling of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder cau
7.5 HIGH
CVE-2018-8034
>= 7.0.35 and <= 7.0.88
The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected:
7.5 HIGH
CVE-2018-8014
>= 7.0.41 and <= 7.0.88
The default settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.4
9.8 CRITICAL
CVE-2018-1304
>= 7.0.0 and <= 7.0.84
The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M
5.9 MEDIUM
CVE-2018-1305
>= 7.0.0 and <= 7.0.84
Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 a
6.5 MEDIUM
CVE-2017-15706
>= 7.0.79 and <= 7.0.82
As part of the fix for bug 61201, the documentation for Apache Tomcat 9.0.0.M22 to 9.0.1, 8.5.16 to 8.5.23, 8.0.45 to 8.0.47 and 7
5.3 MEDIUM
CVE-2017-12617
>= 7.0.0 and < 7.0.82
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs ena
8.1 HIGH
CVE-2017-12616
all versions
When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the s
7.5 HIGH
CVE-2017-12615
>= 7.0.0 and <= 7.0.79
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation paramet
8.1 HIGH
CVE-2017-7675
all versions
The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M21 and 8.5.0 to 8.5.15 bypassed a number of security checks that pre
7.5 HIGH
CVE-2017-7674
all versions
The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an H
4.3 MEDIUM
CVE-2016-6796
>= 6.0.0 and <= 6.0.45
A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 an
7.5 HIGH
CVE-2016-8745
all versions
A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.
7.5 HIGH
CVE-2016-6817
all versions
The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and 8.5.0 to 8.5.6 entered an infinite loop if a header was receiv
7.5 HIGH
CVE-2016-6797
>= 6.0.0 and <= 6.0.45
The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70
7.5 HIGH
CVE-2016-6794
>= 6.0.0 and <= 6.0.45
When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityMa
5.3 MEDIUM
CVE-2016-5018
>= 6.0.0 and <= 6.0.45
In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web ap
9.1 CRITICAL
CVE-2016-0762
>= 6.0.0 and <= 6.0.45
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and
5.9 MEDIUM
CVE-2017-5664
all versions
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for
7.5 HIGH
CVE-2017-5651
all versions
In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the
9.8 CRITICAL
CVE-2017-5650
all versions
In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the handling of an HTTP/2 GOAWAY frame for a connection did not close
7.5 HIGH
CVE-2017-5648
all versions
While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5
9.1 CRITICAL
CVE-2017-5647
all versions
A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.
7.5 HIGH
CVE-2016-8735
< 6.0.48
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and
9.8 CRITICAL
CVE-2016-9775
all versions
The postrm script in the tomcat6 package before 6.0.45+dfsg-1~deb7u3 on Debian wheezy, before 6.0.45+dfsg-1~deb8u1 on Debian jessi
7.8 HIGH
CVE-2016-9774
all versions
The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04
7.8 HIGH
CVE-2016-6816
all versions
The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that pa
7.1 HIGH
CVE-2016-8747
>= 8.5.7 and < 8.5.10
An information disclosure issue was discovered in Apache Tomcat 8.5.7 to 8.5.9 and 9.0.0.M11 to 9.0.0.M15 in reverse-proxy configu
7.5 HIGH
CVE-2016-6325
all versions
The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for
7.8 HIGH
CVE-2016-5425
all versions
The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses
7.8 HIGH
CVE-2016-1240
all versions
The Tomcat init script in the tomcat7 package before 7.0.56-3+deb8u4 and tomcat8 package before 8.0.14-1+deb8u3 on Debian jessie a
7.8 HIGH
CVE-2016-5388
>= 6.0 and <= 6.0.45
Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and there
8.1 HIGH
CVE-2016-3092
all versions
The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36
7.5 HIGH
CVE-2016-0763
all versions
The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8
6.3 MEDIUM
CVE-2016-0714
all versions
The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.
8.8 HIGH
CVE-2016-0706
all versions
Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.
4.3 MEDIUM
CVE-2015-5351
all versions
The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 e
8.8 HIGH
CVE-2015-5346
all versions
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different sess
8.1 HIGH
CVE-2015-5345
all versions
The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes r
5.3 MEDIUM
CVE-2015-5174
all versions
Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27
4.3 MEDIUM
CVE-2014-7810
all versions
The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not
CVE-2014-0230
all versions
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occ
CVE-2014-0227
all versions
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x befor
CVE-2013-4444
<= 7.0.39
Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File c
CVE-2014-0119
<= 6.0.39
Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses th
CVE-2014-0099
<= 6.0.39
Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8
CVE-2014-0096
<= 6.0.39
java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, an
CVE-2014-0095
all versions
java/org/apache/coyote/ajp/AbstractAjpProcessor.java in Apache Tomcat 8.x before 8.0.4 allows remote attackers to cause a denial o
CVE-2014-0075
<= 6.0.39
Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomca
CVE-2014-0050
all versions
MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows re
CVE-2014-0033
all versions
org/apache/catalina/connector/CoyoteAdapter.java in Apache Tomcat 6.0.33 through 6.0.37 does not consider the disableURLRewriting
CVE-2013-4590
<= 6.0.37
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" informatio
CVE-2013-4322
<= 6.0.37
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handl
CVE-2013-4286
<= 6.0.37
Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does no
CVE-2013-0346
all versions
Apache Tomcat 7.x uses world-readable permissions for the log directory and its files, which might allow local users to obtain sen
CVE-2013-2185
<= 7.0.39
The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Pl
CVE-2013-6357
<= 5.5.25
Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and earlier allows remote attac
CVE-2013-2071
all versions
java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a
CVE-2013-2067
all versions
java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6
CVE-2012-3544
all versions
Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which
CVE-2012-4534
all versions
org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is us
CVE-2012-4431
all versions
org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attac
CVE-2012-3546
all versions
org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when FORM authentication is use
CVE-2012-5568
>= 7.0.0 and <= 7.0.105
Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as dem
CVE-2012-5887
>= 5.5.0 and < 5.5.36
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.3
CVE-2012-5886
all versions
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.3
CVE-2012-5885
all versions
The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.
CVE-2012-2733
all versions
java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x bef
CVE-2012-0022
all versions
Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters,
CVE-2011-3375
all versions
Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations invol
CVE-2011-5064
all versions
DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before
CVE-2011-5063
all versions
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.1
CVE-2011-5062
all versions
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.1
CVE-2011-1184
all versions
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.1
CVE-2011-4858
all versions
Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting
CVE-2011-3376
all versions
org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServle
CVE-2011-3190
all versions
Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33,
CVE-2011-2729
all versions
native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5
CVE-2011-2481
all versions
Apache Tomcat 7.0.x before 7.0.17 permits web applications to replace an XML parser used for other web applications, which allows
CVE-2011-2526
all versions
Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO
CVE-2011-2204
all versions
Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entr
CVE-2011-1582
all versions
Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a servlet without following security constraints that have been con
CVE-2011-1475
all versions
The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attacker
CVE-2011-1183
all versions
Apache Tomcat 7.0.11, when web.xml has no login configuration, does not follow security constraints, which allows remote attackers
CVE-2011-1419
all versions
Apache Tomcat 7.x before 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, which allo
CVE-2011-1088
all versions
Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended acce
CVE-2011-0013
all versions
Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6
CVE-2011-0534
all versions
Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the
CVE-2010-3718
all versions
Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attri
CVE-2010-4312
all versions
The default configuration of Apache Tomcat 6.x does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier fo
CVE-2010-4172
all versions
Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 th
CVE-2009-2696
<= 4.1.39
Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache
CVE-2010-2227
all versions
Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding hea
CVE-2010-1157
all versions
Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP a
CVE-2009-2902
all versions
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete
CVE-2009-2901
all versions
The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20, when autoDeploy is enabled, deploys app
CVE-2009-2693
all versions
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create
CVE-2009-3548
all versions
The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank def
CVE-2008-5515
all versions
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the targe
CVE-2009-0783
>= 4.1.0 and <= 4.1.39
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML pars
4.2MEDIUM
CVE-2009-0580
all versions
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remot
CVE-2009-0033
all versions
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load ba
CVE-2008-5519
all versions
The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an
CVE-2009-0781
all versions
Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache
CVE-2008-4308
all versions
The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain
CVE-2008-3271
all versions
Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive info
CVE-2008-2938
>= 4.0.0 and <= 4.1.37
Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allo
CVE-2008-2370
all versions
Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs pat
CVE-2008-1232
>= 4.1.0 and <= 4.1.37
Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 all
CVE-2008-1947
all versions
Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to
CVE-2008-0002
all versions
Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parame
CVE-2007-6286
all versions
Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an e
CVE-2007-5333
>= 4.1.0 and <= 4.1.36
Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (") c
CVE-2008-0128
<= 5.5.20
The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure fla
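CVE-2010-4312 (Tomcat 6.x defaults omitting HttpOnly) and CVE-2008-0128 (the SingleSignOn valve not setting the secure flag) are both cookie-attribute problems, and both can be confirmed from a response alone. The audit below is an added example for this page, not Tomcat code or a project tool: it parses Set-Cookie headers from constructed sample responses and reports session cookies that lack HttpOnly, or lack Secure when the response came over TLS. The set of cookie names it treats as session cookies (JSESSIONID and JSESSIONIDSSO) is an assumption chosen to match Tomcat's defaults.

```python
from __future__ import annotations

# Added example (not Tomcat source): audit session cookies in HTTP responses
# for the HttpOnly and Secure attributes.

# Assumed session cookie names; Tomcat's default session and SSO cookies.
SESSION_COOKIE_NAMES = {"jsessionid", "jsessionidsso"}


def parse_set_cookie(header_value: str) -> tuple[str, dict[str, str | None]]:
    """Split 'NAME=value; Path=/; HttpOnly' into (NAME, {attr_lower: value_or_None})."""
    parts = [p.strip() for p in header_value.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs: dict[str, str | None] = {}
    for part in parts[1:]:
        if not part:
            continue
        key, sep, value = part.partition("=")
        attrs[key.strip().lower()] = value.strip() if sep else None
    return name, attrs


def audit_cookies(set_cookie_headers: list[str], over_tls: bool) -> list[str]:
    """Findings for session cookies missing HttpOnly, or Secure on a TLS response."""
    findings = []
    for header in set_cookie_headers:
        name, attrs = parse_set_cookie(header)
        if name.lower() not in SESSION_COOKIE_NAMES:
            continue
        if "httponly" not in attrs:
            findings.append(f"{name}: missing HttpOnly")
        if over_tls and "secure" not in attrs:
            findings.append(f"{name}: missing Secure")
    return findings


# Constructed sample responses: an unhardened 6.x-style session cookie and an
# SSO cookie as the SingleSignOn valve would set it, both sent over HTTPS.
SAMPLE_HEADERS = [
    "JSESSIONID=6A1F0E7C3B9D; Path=/app",
    "JSESSIONIDSSO=2D44C1A9F0E1; Path=/",
    "theme=dark; Path=/",                      # not a session cookie, ignored
]
HARDENED_HEADERS = [
    "JSESSIONID=6A1F0E7C3B9D; Path=/app; HttpOnly; Secure",
    "JSESSIONIDSSO=2D44C1A9F0E1; Path=/; HttpOnly; Secure",
]

if __name__ == "__main__":
    for finding in audit_cookies(SAMPLE_HEADERS, over_tls=True):
        print(finding)
    print("hardened:", audit_cookies(HARDENED_HEADERS, over_tls=True) or "no findings")
```

Attribute names are compared case-insensitively because clients accept `httponly`, `HttpOnly` and `HTTPONLY` alike; an audit that only matched one spelling would miss cookies that are in fact protected.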
CVE-2007-5342
all versions
The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not
CVE-2007-5461
all versions
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through
CVE-2007-4724
all versions
Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the calendar examples application in Apache Tomcat 4.1.31 allows re
CVE-2007-3386
all versions
Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows
CVE-2007-3385
all versions
Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the "
CVE-2007-3382
all versions
Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as d
CVE-2007-3384
all versions
Multiple cross-site scripting (XSS) vulnerabilities in examples/servlet/CookieExample in Apache Tomcat 3.3 through 3.3.2 allow rem
CVE-2007-3383
all versions
Cross-site scripting (XSS) vulnerability in SendMailServlet in the examples web application (examples/jsp/mail/sendmail.jsp) in Ap
CVE-2007-2450
all versions
Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.
CVE-2007-2449
<= 4.1.36
Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 th
CVE-2007-1355
all versions
Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 through
CVE-2007-1858
all versions
The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses c
CVE-2007-1358
<= 4.1.31
Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34
CVE-2006-7196
<= 4.1.31
Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4
CVE-2006-7195
all versions
Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 al
CVE-2006-7197
all versions
The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_proce
CVE-2007-0450
>= 5.0.0 and < 5.5.22
Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain pro
CVE-2006-3835
all versions
Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with a mapped e
CVE-2005-4838
<= 5.5.6
Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow rem
CVE-2005-4836
all versions
The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured,
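CVE-2006-3835 (a semicolon before the file name changes how the path is mapped) and CVE-2005-4836 (NULL bytes in the URL) are both failures to canonicalize the request path before mapping it to a file. The normalizer below is an added example for this page, not Tomcat's mapper: it decodes the path exactly once, rejects null bytes whether raw or encoded, strips path parameters from every segment, resolves dot segments without ever climbing above the root, and refuses the WEB-INF and META-INF directories. The reserved-directory list and the sample paths are this example's own assumptions.

```python
from __future__ import annotations

from urllib.parse import unquote

# Added example (not Tomcat source): canonicalize a request path before
# it is mapped to a file, rejecting the tricks behind the traversal,
# null-byte and semicolon entries in this list.

RESERVED_DIRS = ("web-inf", "meta-inf")   # assumed: never served, compared case-insensitively


def normalize_request_path(raw_path: str) -> str:
    """Canonical absolute path, or ValueError for a path that must be rejected."""
    if "\x00" in raw_path:
        raise ValueError("raw null byte")
    path = raw_path.split("?", 1)[0]         # drop the query string
    decoded = unquote(path)                  # decode exactly once; "%252e" stays literal
    if "\x00" in decoded:
        raise ValueError("encoded null byte")
    if not decoded.startswith("/"):
        raise ValueError("path must be absolute")
    stack: list[str] = []
    for segment in decoded.split("/"):
        segment = segment.split(";", 1)[0]   # drop path parameters (";jsessionid=", ";.jsp", ...)
        if segment in ("", "."):
            continue
        if segment == "..":
            if not stack:
                raise ValueError("traversal above the context root")
            stack.pop()
            continue
        stack.append(segment)
    canonical = "/" + "/".join(stack)
    if decoded.endswith("/") and canonical != "/":
        canonical += "/"                     # keep the directory marker
    return canonical


def is_reserved(canonical: str) -> bool:
    """True if any segment is WEB-INF or META-INF (any letter case)."""
    return any(seg.lower() in RESERVED_DIRS for seg in canonical.split("/"))


def resolve(raw_path: str) -> tuple[bool, str]:
    """(True, canonical path) if servable, else (False, reason)."""
    try:
        canonical = normalize_request_path(raw_path)
    except ValueError as exc:
        return False, f"reject: {exc}"
    if is_reserved(canonical):
        return False, f"reject: reserved directory in {canonical}"
    return True, canonical


# Constructed sample request paths.
SAMPLES = [
    "/app/index.jsp",
    "/app/;index.jsp",                      # semicolon before the file name
    "/app/..%2F..%2Fconf/server.xml",      # encoded dot segments climbing out
    "/app/logo.gif%00.jsp",                 # encoded null byte
    "/app/WEB-INF/web.xml;.gif",            # reserved directory plus fake extension
    "/app/img/../css/",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{sample:40} -> {resolve(sample)}")
```

With the semicolon case the empty segment left after stripping the path parameter simply disappears, so the mapper sees a plain request for the `/app` directory and applies its normal listing policy rather than an unexpected file mapping. Decoding only once is deliberate: a doubly encoded `%252e%252e` stays a literal segment name instead of becoming a dot-dot after the traversal check has already run.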
CVE-2005-4703
all versions
Apache Tomcat 4.0.3, when running on Windows, allows remote attackers to obtain sensitive information via a request for a file tha
CVE-2005-3510
all versions
Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simulta
CVE-2005-3164
>= 4.0.1 and <= 4.0.6
The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server
CVE-2005-2090
all versions
Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web appl
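CVE-2005-2090 (cache poisoning and filter bypass through conflicting body framing) and CVE-2010-2227 (an invalid Transfer-Encoding header) are both about requests whose body length the server and the proxy in front of it may read differently. The checker below is an added example for this page, not Tomcat's connector code: it parses the head of a raw HTTP/1.1 request and reports conflicting or non-numeric Content-Length values, unknown transfer-codings, and Transfer-Encoding combined with Content-Length. The request samples are constructed, and the set of accepted transfer-codings is this example's assumption.

```python
# Added example (not Tomcat source): flag HTTP/1.1 requests whose body
# framing is ambiguous or malformed before they reach the servlet container.

# Assumed set of transfer-codings the front end is willing to accept.
KNOWN_CODINGS = {"chunked", "identity", "gzip", "deflate", "compress"}


def parse_headers(raw: bytes) -> list[tuple[str, str]]:
    """(lowercase-name, value) pairs from a raw request head; the body is ignored."""
    head = raw.split(b"\r\n\r\n", 1)[0]
    lines = head.decode("iso-8859-1").split("\r\n")
    headers = []
    for line in lines[1:]:            # lines[0] is the request line
        if not line:
            continue
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return headers


def framing_problems(raw: bytes) -> list[str]:
    """Reasons to reject the request; an empty list means the framing is unambiguous."""
    headers = parse_headers(raw)
    lengths = [v for n, v in headers if n == "content-length"]
    encodings = [v for n, v in headers if n == "transfer-encoding"]
    problems = []
    if len(set(lengths)) > 1:
        problems.append("conflicting Content-Length values: " + ", ".join(lengths))
    for v in lengths:
        if not v.isdigit():
            problems.append(f"non-numeric Content-Length: {v!r}")
    codings = [c.strip().lower() for v in encodings for c in v.split(",")]
    for c in codings:
        if c not in KNOWN_CODINGS:
            problems.append(f"unknown transfer-coding: {c!r}")
    if encodings and lengths:
        problems.append("both Transfer-Encoding and Content-Length present")
    return problems


# Constructed sample requests.
CLEAN = (b"POST /app/login HTTP/1.1\r\nHost: example.test\r\n"
         b"Content-Length: 5\r\n\r\nhello")
DUPLICATE_CL = (b"POST /app/login HTTP/1.1\r\nHost: example.test\r\n"
                b"Content-Length: 5\r\nContent-Length: 0\r\n\r\nhello")
BAD_TE = (b"POST /app/login HTTP/1.1\r\nHost: example.test\r\n"
          b"Transfer-Encoding: nonsense\r\n\r\n")
TE_AND_CL = (b"POST /app/login HTTP/1.1\r\nHost: example.test\r\n"
             b"Transfer-Encoding: chunked\r\nContent-Length: 3\r\n\r\n0\r\n\r\n")

if __name__ == "__main__":
    for label, req in [("clean", CLEAN), ("duplicate CL", DUPLICATE_CL),
                       ("bad TE", BAD_TE), ("TE+CL", TE_AND_CL)]:
        print(label, "->", framing_problems(req) or "ok")
```

The point of rejecting rather than picking one interpretation is that a proxy and the container may pick differently; a request that is refused outright cannot be desynchronized between the two.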
CVE-2005-0808
all versions
Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TC
CVE-2003-0866
all versions
The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of s
CVE-2002-1567
all versions
Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arbitrary web script and steal co
CVE-2003-0045
all versions
Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and r
CVE-2003-0044
all versions
Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x throu
CVE-2003-0043
all versions
Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which
CVE-2003-0042
all versions
Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.
CVE-2002-1394
all versions
Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read sour
CVE-2002-2272
all versions
Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of se
CVE-2002-2009
all versions
Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/
CVE-2002-2008
all versions
Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does n
CVE-2002-2007
all versions
The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as
CVE-2002-2006
all versions
The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation
CVE-2002-1895
all versions
The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using IIS and the ajp1.3 connector, allows remote attackers to cau
CVE-2002-1148
all versions
The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers t
CVE-2002-0936
all versions
The Java Server Pages (JSP) engine in Tomcat allows web page owners to cause a denial of service (engine crash) on the web server
CVE-2002-0935
all versions
Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource
CVE-2002-0493
<= 3.3.2
Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which coul
CVE-2002-0682
all versions
Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script
CVE-2000-1210
<= 3.1
Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a
CVE-2001-1563
all versions
Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: d
CVE-2001-0829
all versions
A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .J
CVE-2001-0917
all versions
Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension.
CVE-2001-0590
<= 3.2.2
Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files
CVE-2000-0760
all versions
The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests
CVE-2000-0759
all versions
Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which
CVE-2000-0672
all versions
The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin