Search for packages
Package details: pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.4
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.0.4
Tags Ghost
Next non-vulnerable version 8.5.99
Latest non-vulnerable version 11.0.8
Risk 10.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-ah95-hj74-aaaq
Aliases:
CVE-2017-12617
GHSA-xjgh-84hx-56c5
Unrestricted Upload of File with Dangerous Type When running Apache Tomcat with HTTP PUTs enabled it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
8.0.5
Affected by 20 other vulnerabilities.
8.0.8
Affected by 19 other vulnerabilities.
8.0.47
Affected by 15 other vulnerabilities.
8.5.23
Affected by 37 other vulnerabilities.
9.0.1
Affected by 39 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2024-10-15T18:08:56.295926+00:00 GithubOSV Importer Fixing VCID-74gj-w1me-aaaj https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-wf5v-jhxj-q632/GHSA-wf5v-jhxj-q632.json 34.0.2
2024-09-18T09:08:11.772318+00:00 GithubOSV Importer Fixing VCID-74gj-w1me-aaaj https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-wf5v-jhxj-q632/GHSA-wf5v-jhxj-q632.json 34.0.1
2024-09-17T22:40:51.010752+00:00 GitLab Importer Affected by VCID-ah95-hj74-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2017-12617.yml 34.0.1
2024-09-17T22:40:50.535940+00:00 GitLab Importer Fixing VCID-74gj-w1me-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2014-0095.yml 34.0.1
2024-09-17T22:01:23.930834+00:00 GHSA Importer Fixing VCID-74gj-w1me-aaaj https://github.com/advisories/GHSA-wf5v-jhxj-q632 34.0.1
2024-04-23T23:04:15.955421+00:00 GithubOSV Importer Fixing VCID-74gj-w1me-aaaj https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-wf5v-jhxj-q632/GHSA-wf5v-jhxj-q632.json 34.0.0rc4
2024-04-23T17:40:11.313831+00:00 GHSA Importer Fixing VCID-74gj-w1me-aaaj https://github.com/advisories/GHSA-wf5v-jhxj-q632 34.0.0rc4
2024-01-09T15:41:58.472148+00:00 GitLab Importer Fixing VCID-74gj-w1me-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2014-0095.yml 34.0.0rc1
2024-01-08T23:56:54.987751+00:00 GHSA Importer Fixing VCID-74gj-w1me-aaaj https://github.com/advisories/GHSA-wf5v-jhxj-q632 34.0.0rc1
2024-01-03T18:03:14.474272+00:00 GitLab Importer Affected by VCID-ah95-hj74-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2017-12617.yml 34.0.0rc1