VulnerableCode Package Details - pkg:apache/tomcat@4.1.13

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:apache/tomcat@4.1.13

Essentials
History (2)

purl	pkg:apache/tomcat@4.1.13

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-j2sv-62js-xbav	Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.	CVE-2002-1394 GHSA-8v5p-2cpv-c2x6
VCID-ssnx-gz8e-87ab	Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script in a URL with the /servlet/ mapping, which does not filter the script when an exception is thrown by the servlet.	CVE-2002-0682

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T12:38:20.489555+00:00	Apache Tomcat Importer	Fixing	VCID-ssnx-gz8e-87ab	https://tomcat.apache.org/security-4.html	38.0.0
2026-04-01T12:38:20.451045+00:00	Apache Tomcat Importer	Fixing	VCID-j2sv-62js-xbav	https://tomcat.apache.org/security-4.html	38.0.0