Search for packages
| purl | pkg:maven/org.apache.tomcat/tomcat@8.0 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-enaj-f97c-jbh7
Aliases: CVE-2017-7674 GHSA-73rx-3f9r-x949 |
The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances. |
Affected by 7 other vulnerabilities. Affected by 26 other vulnerabilities. Affected by 7 other vulnerabilities. Affected by 27 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T12:47:18.362185+00:00 | GitLab Importer | Affected by | VCID-enaj-f97c-jbh7 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2017-7674.yml | 38.0.0 |