Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.apache.tomcat/tomcat-catalina@7.0.80
purl pkg:maven/org.apache.tomcat/tomcat-catalina@7.0.80
Tags Ghost
Next non-vulnerable version 9.0.96
Latest non-vulnerable version 11.0.21
Risk 10.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-c4jv-ws83-x7g2
Aliases:
CVE-2017-12616
GHSA-8qq4-8jvq-mfw4
When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request.
7.0.81
Affected by 4 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-04T14:30:19.527781+00:00 GHSA Importer Affected by VCID-c4jv-ws83-x7g2 https://github.com/advisories/GHSA-8qq4-8jvq-mfw4 38.1.0
2026-04-01T12:47:20.615073+00:00 GitLab Importer Affected by VCID-c4jv-ws83-x7g2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-catalina/CVE-2017-12616.yml 38.0.0