VulnerableCode Package Details - pkg:apache/tomcat@6.0.10

Search for packages

Vulnerability	Summary	Fixed by
VCID-1bxb-dc7f-aaad Aliases: CVE-2007-1355 GHSA-4c6x-gfc8-c26r	CVE-2007-1355 tomcat XSS in samples	6.0.11 Affected by 0 other vulnerabilities.
VCID-chsg-486g-aaac Aliases: CVE-2005-2090 GHSA-f2gq-p6qv-ccw4	Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."	6.0.11 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-1bxb-dc7f-aaad
Aliases:
CVE-2007-1355
GHSA-4c6x-gfc8-c26r

CVE-2007-1355 tomcat XSS in samples

6.0.11
Affected by 0 other vulnerabilities.

VCID-chsg-486g-aaac
Aliases:
CVE-2005-2090
GHSA-f2gq-p6qv-ccw4

Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."

6.0.11
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-8ev5-nn75-aaap	CVE-2007-0450 tomcat directory traversal	CVE-2007-0450 GHSA-4prh-gqw8-rgh5

Vulnerability

Summary

Aliases

VCID-8ev5-nn75-aaap

CVE-2007-0450 tomcat directory traversal

CVE-2007-0450
GHSA-4prh-gqw8-rgh5

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T13:19:35.936032+00:00	Apache Tomcat Importer	Fixing	VCID-8ev5-nn75-aaap	https://tomcat.apache.org/security-6.html	36.0.0
2025-03-28T13:19:35.883145+00:00	Apache Tomcat Importer	Affected by	VCID-chsg-486g-aaac	https://tomcat.apache.org/security-6.html	36.0.0
2025-03-28T13:19:35.831100+00:00	Apache Tomcat Importer	Affected by	VCID-1bxb-dc7f-aaad	https://tomcat.apache.org/security-6.html	36.0.0
2024-09-18T08:17:45.920881+00:00	Apache Tomcat Importer	Fixing	VCID-8ev5-nn75-aaap	https://tomcat.apache.org/security-6.html	34.0.1
2024-09-18T08:17:45.867332+00:00	Apache Tomcat Importer	Affected by	VCID-chsg-486g-aaac	https://tomcat.apache.org/security-6.html	34.0.1
2024-09-18T08:17:45.814223+00:00	Apache Tomcat Importer	Affected by	VCID-1bxb-dc7f-aaad	https://tomcat.apache.org/security-6.html	34.0.1
2024-01-04T02:15:49.002684+00:00	Apache Tomcat Importer	Fixing	VCID-8ev5-nn75-aaap	https://tomcat.apache.org/security-6.html	34.0.0rc1
2024-01-04T02:15:48.951671+00:00	Apache Tomcat Importer	Affected by	VCID-chsg-486g-aaac	https://tomcat.apache.org/security-6.html	34.0.0rc1
2024-01-04T02:15:48.904359+00:00	Apache Tomcat Importer	Affected by	VCID-1bxb-dc7f-aaad	https://tomcat.apache.org/security-6.html	34.0.0rc1