Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.apache.tomcat/tomcat@6.0.33
purl pkg:maven/org.apache.tomcat/tomcat@6.0.33
Tags Ghost
Next non-vulnerable version 9.0.117
Latest non-vulnerable version 11.0.21
Risk 4.0
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-a9bd-d31y-k7g6
Aliases:
CVE-2014-0033
GHSA-6gjj-c5mj-4cvp
org/apache/catalina/connector/CoyoteAdapter.java in Apache Tomcat 6.0.33 through 6.0.37 does not consider the disableURLRewriting setting when handling a session ID in a URL, which allows remote attackers to conduct session fixation attacks via a crafted URL.
6.0.38
Affected by 0 other vulnerabilities.
6.0.39
Affected by 4 other vulnerabilities.
VCID-hhk9-cr54-8fgc
Aliases:
CVE-2012-0022
GHSA-8h2q-qm9x-55jc
Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858.
6.0.34
Affected by 0 other vulnerabilities.
6.0.35
Affected by 5 other vulnerabilities.
7.0.23
Affected by 1 other vulnerability.
VCID-hxj6-mupf-abbc
Aliases:
CVE-2011-3375
GHSA-rp8h-vr48-4j8p
Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.
6.0.35
Affected by 5 other vulnerabilities.
7.0.22
Affected by 1 other vulnerability.
VCID-quwu-ep21-cyew
Aliases:
CVE-2011-3190
GHSA-c38m-v4m2-524v
Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request.
6.0.34
Affected by 0 other vulnerabilities.
6.0.35
Affected by 5 other vulnerabilities.
7.0.21
Affected by 2 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-04T14:31:51.273249+00:00 GHSA Importer Affected by VCID-hxj6-mupf-abbc https://github.com/advisories/GHSA-rp8h-vr48-4j8p 38.1.0
2026-04-04T14:30:29.543901+00:00 GHSA Importer Fixing VCID-mctd-9zgv-5qgp https://github.com/advisories/GHSA-c57p-3v2g-w9rg 38.1.0
2026-04-04T14:30:29.381413+00:00 GHSA Importer Fixing VCID-egye-da2v-4ybh https://github.com/advisories/GHSA-6cr4-7c7p-p3xv 38.1.0
2026-04-04T14:30:28.932832+00:00 GHSA Importer Fixing VCID-241m-q6vd-kudk https://github.com/advisories/GHSA-9ggm-7897-x4mg 38.1.0
2026-04-04T14:30:28.686889+00:00 GHSA Importer Fixing VCID-8ebv-6941-jqdy https://github.com/advisories/GHSA-hffm-fqv4-w27r 38.1.0
2026-04-04T14:30:28.580689+00:00 GHSA Importer Fixing VCID-1v6c-f56v-hqh1 https://github.com/advisories/GHSA-4f7h-9j2x-cmr4 38.1.0
2026-04-04T14:30:28.338993+00:00 GHSA Importer Fixing VCID-d9ys-kxh6-nkgr https://github.com/advisories/GHSA-q9xf-jwr4-v445 38.1.0
2026-04-04T14:30:28.241802+00:00 GHSA Importer Affected by VCID-quwu-ep21-cyew https://github.com/advisories/GHSA-c38m-v4m2-524v 38.1.0
2026-04-04T14:30:25.127635+00:00 GHSA Importer Affected by VCID-a9bd-d31y-k7g6 https://github.com/advisories/GHSA-6gjj-c5mj-4cvp 38.1.0
2026-04-03T21:26:07.971603+00:00 GitLab Importer Affected by VCID-hxj6-mupf-abbc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2011-3375.yml 38.1.0
2026-04-01T13:11:17.904989+00:00 GithubOSV Importer Fixing VCID-mctd-9zgv-5qgp https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-c57p-3v2g-w9rg/GHSA-c57p-3v2g-w9rg.json 38.0.0
2026-04-01T13:10:14.783953+00:00 GithubOSV Importer Fixing VCID-241m-q6vd-kudk https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-9ggm-7897-x4mg/GHSA-9ggm-7897-x4mg.json 38.0.0
2026-04-01T13:09:47.372299+00:00 GithubOSV Importer Fixing VCID-1v6c-f56v-hqh1 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-4f7h-9j2x-cmr4/GHSA-4f7h-9j2x-cmr4.json 38.0.0
2026-04-01T13:09:40.400932+00:00 GithubOSV Importer Fixing VCID-egye-da2v-4ybh https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-6cr4-7c7p-p3xv/GHSA-6cr4-7c7p-p3xv.json 38.0.0
2026-04-01T13:09:25.727683+00:00 GithubOSV Importer Fixing VCID-8ebv-6941-jqdy https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-hffm-fqv4-w27r/GHSA-hffm-fqv4-w27r.json 38.0.0
2026-04-01T13:07:43.079846+00:00 GithubOSV Importer Fixing VCID-d9ys-kxh6-nkgr https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-q9xf-jwr4-v445/GHSA-q9xf-jwr4-v445.json 38.0.0
2026-04-01T12:50:39.544252+00:00 GitLab Importer Fixing VCID-8ebv-6941-jqdy https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2011-5063.yml 38.0.0
2026-04-01T12:50:38.289822+00:00 GitLab Importer Fixing VCID-d9ys-kxh6-nkgr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2011-1184.yml 38.0.0
2026-04-01T12:50:37.659595+00:00 GitLab Importer Fixing VCID-mctd-9zgv-5qgp https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2011-2204.yml 38.0.0
2026-04-01T12:50:37.246951+00:00 GitLab Importer Fixing VCID-241m-q6vd-kudk https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2011-2526.yml 38.0.0
2026-04-01T12:50:35.719548+00:00 GitLab Importer Affected by VCID-a9bd-d31y-k7g6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2014-0033.yml 38.0.0
2026-04-01T12:50:31.505734+00:00 GitLab Importer Affected by VCID-quwu-ep21-cyew https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2011-3190.yml 38.0.0
2026-04-01T12:50:31.094153+00:00 GitLab Importer Fixing VCID-egye-da2v-4ybh https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2011-5064.yml 38.0.0
2026-04-01T12:50:29.876847+00:00 GitLab Importer Fixing VCID-1v6c-f56v-hqh1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2011-5062.yml 38.0.0
2026-04-01T12:38:17.120144+00:00 Apache Tomcat Importer Fixing VCID-618c-ar98-qfcr https://tomcat.apache.org/security-6.html 38.0.0
2026-04-01T12:38:17.091856+00:00 Apache Tomcat Importer Fixing VCID-241m-q6vd-kudk https://tomcat.apache.org/security-6.html 38.0.0
2026-04-01T12:38:17.062749+00:00 Apache Tomcat Importer Fixing VCID-mctd-9zgv-5qgp https://tomcat.apache.org/security-6.html 38.0.0
2026-04-01T12:38:17.033335+00:00 Apache Tomcat Importer Fixing VCID-d9ys-kxh6-nkgr https://tomcat.apache.org/security-6.html 38.0.0
2026-04-01T12:38:17.001002+00:00 Apache Tomcat Importer Affected by VCID-hhk9-cr54-8fgc https://tomcat.apache.org/security-6.html 38.0.0
2026-04-01T12:38:16.966918+00:00 Apache Tomcat Importer Affected by VCID-quwu-ep21-cyew https://tomcat.apache.org/security-6.html 38.0.0
2026-04-01T12:38:16.937748+00:00 Apache Tomcat Importer Affected by VCID-hxj6-mupf-abbc https://tomcat.apache.org/security-6.html 38.0.0
2026-04-01T12:38:16.707391+00:00 Apache Tomcat Importer Affected by VCID-a9bd-d31y-k7g6 https://tomcat.apache.org/security-6.html 38.0.0