Search for packages
| purl | pkg:apache/tomcat@8.0.3 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3vzq-2cx8-aaab
Aliases: CVE-2014-0099 GHSA-xh5x-j8jf-pcpx |
Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header. |
Affected by 1 other vulnerability. |
|
VCID-691b-gvyr-aaaj
Aliases: CVE-2014-0096 GHSA-qprx-q2r7-3rx6 |
java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. |
Affected by 1 other vulnerability. |
|
VCID-74gj-w1me-aaaj
Aliases: CVE-2014-0095 GHSA-wf5v-jhxj-q632 |
java/org/apache/coyote/ajp/AbstractAjpProcessor.java in Apache Tomcat 8.x before 8.0.4 allows remote attackers to cause a denial of service (thread consumption) by using a "Content-Length: 0" AJP request to trigger a hang in request processing. |
Affected by 1 other vulnerability. |
|
VCID-u3ks-rt2w-aaaf
Aliases: CVE-2014-0075 GHSA-475f-74wp-pqv5 |
Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-qcms-zybq-aaap | High severity vulnerability that affects commons-fileupload:commons-fileupload |
CVE-2014-0050
GHSA-xx68-jfcg-xmmf |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T13:19:27.466267+00:00 | Apache Tomcat Importer | Fixing | VCID-qcms-zybq-aaap | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:27.404020+00:00 | Apache Tomcat Importer | Affected by | VCID-3vzq-2cx8-aaab | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:27.345168+00:00 | Apache Tomcat Importer | Affected by | VCID-691b-gvyr-aaaj | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:27.288439+00:00 | Apache Tomcat Importer | Affected by | VCID-74gj-w1me-aaaj | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:27.234508+00:00 | Apache Tomcat Importer | Affected by | VCID-u3ks-rt2w-aaaf | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2024-09-18T08:17:37.710554+00:00 | Apache Tomcat Importer | Fixing | VCID-qcms-zybq-aaap | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:37.652979+00:00 | Apache Tomcat Importer | Affected by | VCID-3vzq-2cx8-aaab | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:37.600426+00:00 | Apache Tomcat Importer | Affected by | VCID-691b-gvyr-aaaj | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:37.545975+00:00 | Apache Tomcat Importer | Affected by | VCID-74gj-w1me-aaaj | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:37.490966+00:00 | Apache Tomcat Importer | Affected by | VCID-u3ks-rt2w-aaaf | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-01-04T02:15:41.045813+00:00 | Apache Tomcat Importer | Fixing | VCID-qcms-zybq-aaap | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:40.998901+00:00 | Apache Tomcat Importer | Affected by | VCID-3vzq-2cx8-aaab | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:40.945579+00:00 | Apache Tomcat Importer | Affected by | VCID-691b-gvyr-aaaj | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:40.892445+00:00 | Apache Tomcat Importer | Affected by | VCID-74gj-w1me-aaaj | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:40.844871+00:00 | Apache Tomcat Importer | Affected by | VCID-u3ks-rt2w-aaaf | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |