Search for packages
| purl | pkg:apache/tomcat@6.0.43 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-5wj3-qn6v-aaab
Aliases: CVE-2014-0230 GHSA-pxcx-cxq8-4mmw |
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts. |
Affected by 4 other vulnerabilities. Affected by 42 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-cxzy-t2vt-aaar
Aliases: CVE-2014-7810 GHSA-4c43-cwvx-9crh |
The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation. |
Affected by 4 other vulnerabilities. Affected by 41 other vulnerabilities. Affected by 41 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-y7g9-rfw9-aaaa | java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks or cause a denial of service (resource consumption) by streaming data with malformed chunked transfer coding. |
CVE-2014-0227
GHSA-42j3-498q-m6vp |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T13:19:33.043561+00:00 | Apache Tomcat Importer | Fixing | VCID-y7g9-rfw9-aaaa | https://tomcat.apache.org/security-6.html | 36.0.0 |
| 2025-03-28T13:19:32.985628+00:00 | Apache Tomcat Importer | Affected by | VCID-cxzy-t2vt-aaar | https://tomcat.apache.org/security-6.html | 36.0.0 |
| 2025-03-28T13:19:32.931046+00:00 | Apache Tomcat Importer | Affected by | VCID-5wj3-qn6v-aaab | https://tomcat.apache.org/security-6.html | 36.0.0 |
| 2024-09-18T08:17:43.143071+00:00 | Apache Tomcat Importer | Fixing | VCID-y7g9-rfw9-aaaa | https://tomcat.apache.org/security-6.html | 34.0.1 |
| 2024-09-18T08:17:43.090879+00:00 | Apache Tomcat Importer | Affected by | VCID-cxzy-t2vt-aaar | https://tomcat.apache.org/security-6.html | 34.0.1 |
| 2024-09-18T08:17:43.043103+00:00 | Apache Tomcat Importer | Affected by | VCID-5wj3-qn6v-aaab | https://tomcat.apache.org/security-6.html | 34.0.1 |
| 2024-01-04T02:15:46.236178+00:00 | Apache Tomcat Importer | Fixing | VCID-y7g9-rfw9-aaaa | https://tomcat.apache.org/security-6.html | 34.0.0rc1 |
| 2024-01-04T02:15:46.182919+00:00 | Apache Tomcat Importer | Affected by | VCID-cxzy-t2vt-aaar | https://tomcat.apache.org/security-6.html | 34.0.0rc1 |
| 2024-01-04T02:15:46.133386+00:00 | Apache Tomcat Importer | Affected by | VCID-5wj3-qn6v-aaab | https://tomcat.apache.org/security-6.html | 34.0.0rc1 |