Search for packages
| purl | pkg:apache/tomcat@4.1.37 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-22we-qr8x-aaad
Aliases: CVE-2008-2370 GHSA-m8h8-6rvg-f4mg |
CVE-2008-2370 tomcat RequestDispatcher information disclosure vulnerability |
Affected by 5 other vulnerabilities. Affected by 5 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-jts3-sumc-aaaq
Aliases: CVE-2008-0128 |
CVE-2008-0128 tomcat5 SSO cookie login information disclosure |
Affected by 5 other vulnerabilities. Affected by 1 other vulnerability. Affected by 1 other vulnerability. |
|
VCID-w2az-ahw2-aaah
Aliases: CVE-2008-1232 GHSA-q74x-qqhr-f8rx |
CVE-2008-1232 tomcat: Cross-Site-Scripting enabled by sendError call |
Affected by 5 other vulnerabilities. Affected by 5 other vulnerabilities. Affected by 5 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1bxb-dc7f-aaad | CVE-2007-1355 tomcat XSS in samples |
CVE-2007-1355
GHSA-4c6x-gfc8-c26r |
| VCID-5p51-8u8j-aaaj | CVE-2007-2450 tomcat host manager XSS |
CVE-2007-2450
GHSA-5c5p-jxvx-x7j2 |
| VCID-8ha5-3wkt-aaaa | CVE-2007-5333 Improve cookie parsing for tomcat5 |
CVE-2007-5333
GHSA-cww4-vj5r-rx57 |
| VCID-8tsz-hrqv-aaar | CVE-2007-3385 tomcat handling of cookie values |
CVE-2007-3385
GHSA-6j8f-66vh-39mj |
| VCID-e2fg-fd5a-aaan | Cross-site scripting (XSS) vulnerability in SendMailServlet in the examples web application (examples/jsp/mail/sendmail.jsp) in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, related to generation of error messages. |
CVE-2007-3383
GHSA-wjwr-3jch-479j |
| VCID-es7j-vwa1-aaar | CVE-2007-5461 Absolute path traversal Apache Tomcat WEBDAV |
CVE-2007-5461
GHSA-v5p2-vg3c-pmrr |
| VCID-npzp-axqb-aaaa | CVE-2007-2449 tomcat examples jsp XSS |
CVE-2007-2449
GHSA-hc39-rjwp-qffq |
| VCID-qdyv-j5zf-aaaq | CVE-2007-3382 tomcat handling of cookies |
CVE-2007-3382
GHSA-qff8-g48j-pwpw |
| VCID-vyaw-vkvq-aaas | The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an information leak when "unsuitable request body data" is used for a different request, possibly related to Java Servlet pages. |
CVE-2005-3164
GHSA-qhqv-q4xg-f6g7 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T13:19:39.724188+00:00 | Apache Tomcat Importer | Fixing | VCID-es7j-vwa1-aaar | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:39.663877+00:00 | Apache Tomcat Importer | Fixing | VCID-8ha5-3wkt-aaaa | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:39.616575+00:00 | Apache Tomcat Importer | Fixing | VCID-8tsz-hrqv-aaar | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:39.558616+00:00 | Apache Tomcat Importer | Fixing | VCID-e2fg-fd5a-aaan | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:39.500651+00:00 | Apache Tomcat Importer | Fixing | VCID-qdyv-j5zf-aaaq | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:39.442745+00:00 | Apache Tomcat Importer | Fixing | VCID-5p51-8u8j-aaaj | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:39.373650+00:00 | Apache Tomcat Importer | Fixing | VCID-npzp-axqb-aaaa | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:39.301580+00:00 | Apache Tomcat Importer | Fixing | VCID-1bxb-dc7f-aaad | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:39.229870+00:00 | Apache Tomcat Importer | Fixing | VCID-vyaw-vkvq-aaas | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:39.162660+00:00 | Apache Tomcat Importer | Affected by | VCID-22we-qr8x-aaad | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:39.108612+00:00 | Apache Tomcat Importer | Affected by | VCID-w2az-ahw2-aaah | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:39.055009+00:00 | Apache Tomcat Importer | Affected by | VCID-jts3-sumc-aaaq | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2024-09-18T08:17:49.593804+00:00 | Apache Tomcat Importer | Fixing | VCID-es7j-vwa1-aaar | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:49.536389+00:00 | Apache Tomcat Importer | Fixing | VCID-8ha5-3wkt-aaaa | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:49.488356+00:00 | Apache Tomcat Importer | Fixing | VCID-8tsz-hrqv-aaar | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:49.431221+00:00 | Apache Tomcat Importer | Fixing | VCID-e2fg-fd5a-aaan | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:49.371863+00:00 | Apache Tomcat Importer | Fixing | VCID-qdyv-j5zf-aaaq | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:49.314457+00:00 | Apache Tomcat Importer | Fixing | VCID-5p51-8u8j-aaaj | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:49.246797+00:00 | Apache Tomcat Importer | Fixing | VCID-npzp-axqb-aaaa | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:49.178439+00:00 | Apache Tomcat Importer | Fixing | VCID-1bxb-dc7f-aaad | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:49.109740+00:00 | Apache Tomcat Importer | Fixing | VCID-vyaw-vkvq-aaas | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:49.039026+00:00 | Apache Tomcat Importer | Affected by | VCID-22we-qr8x-aaad | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:48.990480+00:00 | Apache Tomcat Importer | Affected by | VCID-w2az-ahw2-aaah | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:48.941690+00:00 | Apache Tomcat Importer | Affected by | VCID-jts3-sumc-aaaq | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-01-04T02:15:52.687837+00:00 | Apache Tomcat Importer | Fixing | VCID-es7j-vwa1-aaar | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:52.630945+00:00 | Apache Tomcat Importer | Fixing | VCID-8ha5-3wkt-aaaa | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:52.582110+00:00 | Apache Tomcat Importer | Fixing | VCID-8tsz-hrqv-aaar | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:52.525655+00:00 | Apache Tomcat Importer | Fixing | VCID-e2fg-fd5a-aaan | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:52.468924+00:00 | Apache Tomcat Importer | Fixing | VCID-qdyv-j5zf-aaaq | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:52.410021+00:00 | Apache Tomcat Importer | Fixing | VCID-5p51-8u8j-aaaj | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:52.340788+00:00 | Apache Tomcat Importer | Fixing | VCID-npzp-axqb-aaaa | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:52.273791+00:00 | Apache Tomcat Importer | Fixing | VCID-1bxb-dc7f-aaad | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:52.207387+00:00 | Apache Tomcat Importer | Fixing | VCID-vyaw-vkvq-aaas | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:52.145794+00:00 | Apache Tomcat Importer | Affected by | VCID-22we-qr8x-aaad | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:52.093888+00:00 | Apache Tomcat Importer | Affected by | VCID-w2az-ahw2-aaah | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:52.042778+00:00 | Apache Tomcat Importer | Affected by | VCID-jts3-sumc-aaaq | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |