Search for packages
| purl | pkg:apache/tomcat@8.0.27 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-c5ge-w5qj-aaam | Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call, as demonstrated by the $CATALINA_BASE/webapps directory. |
CVE-2015-5174
GHSA-6qr6-x7jm-x2q6 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T13:19:26.827168+00:00 | Apache Tomcat Importer | Fixing | VCID-c5ge-w5qj-aaam | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2024-09-18T08:17:37.138930+00:00 | Apache Tomcat Importer | Fixing | VCID-c5ge-w5qj-aaam | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-01-04T02:15:40.543826+00:00 | Apache Tomcat Importer | Fixing | VCID-c5ge-w5qj-aaam | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |