Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.apache.tomcat/tomcat@7.0.10
purl pkg:maven/org.apache.tomcat/tomcat@7.0.10
Tags Ghost
Next non-vulnerable version 9.0.117
Latest non-vulnerable version 11.0.21
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-95fn-d2ad-qyg6
Aliases:
CVE-2011-1088
GHSA-mg4v-rf8p-ghqq
Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application.
7.0.11
Affected by 3 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-04T14:30:49.463758+00:00 GHSA Importer Fixing VCID-95fn-d2ad-qyg6 https://github.com/advisories/GHSA-mg4v-rf8p-ghqq 38.1.0
2026-04-01T16:00:38.792944+00:00 GHSA Importer Fixing VCID-jau7-gfz8-dkfa https://github.com/advisories/GHSA-f7w7-6pjc-wwm6 38.0.0
2026-04-01T13:11:40.454716+00:00 GithubOSV Importer Fixing VCID-95fn-d2ad-qyg6 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-mg4v-rf8p-ghqq/GHSA-mg4v-rf8p-ghqq.json 38.0.0
2026-04-01T13:11:31.701439+00:00 GithubOSV Importer Fixing VCID-jau7-gfz8-dkfa https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-f7w7-6pjc-wwm6/GHSA-f7w7-6pjc-wwm6.json 38.0.0
2026-04-01T12:50:00.943336+00:00 GitLab Importer Fixing VCID-jau7-gfz8-dkfa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2009-3555.yml 38.0.0
2026-04-01T12:38:15.777665+00:00 Apache Tomcat Importer Affected by VCID-95fn-d2ad-qyg6 https://tomcat.apache.org/security-7.html 38.0.0