VulnerableCode Package Details - pkg:apache/tomcat@7.0.13

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:apache/tomcat@7.0.13

Essentials
History (1)

purl	pkg:apache/tomcat@7.0.13

Next non-vulnerable version	7.0.14
Latest non-vulnerable version	11.0.21
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-sp3x-x26s-hue6 Aliases: CVE-2011-1582 GHSA-3xpj-jgv5-q4vv	Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a servlet without following security constraints that have been configured through annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088, CVE-2011-1183, and CVE-2011-1419.	7.0.14 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T12:38:15.634601+00:00	Apache Tomcat Importer	Affected by	VCID-sp3x-x26s-hue6	https://tomcat.apache.org/security-7.html	38.0.0