Search for packages
Package details: pkg:maven/org.apache.tomcat/tomcat@6.0.10
purl pkg:maven/org.apache.tomcat/tomcat@6.0.10
Tags Ghost
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 10.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-1bxb-dc7f-aaad
Aliases:
CVE-2007-1355
GHSA-4c6x-gfc8-c26r
CVE-2007-1355 tomcat XSS in samples
6.0.11
Affected by 0 other vulnerabilities.
VCID-chsg-486g-aaac
Aliases:
CVE-2005-2090
GHSA-f2gq-p6qv-ccw4
Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."
6.0.11
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-03-28T13:19:35.957060+00:00 Apache Tomcat Importer Fixing VCID-8ev5-nn75-aaap https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:35.904686+00:00 Apache Tomcat Importer Affected by VCID-chsg-486g-aaac https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:35.853126+00:00 Apache Tomcat Importer Affected by VCID-1bxb-dc7f-aaad https://tomcat.apache.org/security-6.html 36.0.0
2024-10-15T18:00:15.445025+00:00 GithubOSV Importer Fixing VCID-8ev5-nn75-aaap https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-4prh-gqw8-rgh5/GHSA-4prh-gqw8-rgh5.json 34.0.2
2024-09-18T09:14:26.869132+00:00 GithubOSV Importer Fixing VCID-8ev5-nn75-aaap https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-4prh-gqw8-rgh5/GHSA-4prh-gqw8-rgh5.json 34.0.1
2024-09-18T08:17:45.941085+00:00 Apache Tomcat Importer Fixing VCID-8ev5-nn75-aaap https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:45.887408+00:00 Apache Tomcat Importer Affected by VCID-chsg-486g-aaac https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:45.835207+00:00 Apache Tomcat Importer Affected by VCID-1bxb-dc7f-aaad https://tomcat.apache.org/security-6.html 34.0.1
2024-09-17T22:02:52.419366+00:00 GHSA Importer Fixing VCID-8ev5-nn75-aaap https://github.com/advisories/GHSA-4prh-gqw8-rgh5 34.0.1
2024-04-23T23:09:17.649281+00:00 GithubOSV Importer Fixing VCID-8ev5-nn75-aaap https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-4prh-gqw8-rgh5/GHSA-4prh-gqw8-rgh5.json 34.0.0rc4
2024-01-04T02:15:49.022446+00:00 Apache Tomcat Importer Fixing VCID-8ev5-nn75-aaap https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:48.971216+00:00 Apache Tomcat Importer Affected by VCID-chsg-486g-aaac https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:48.924309+00:00 Apache Tomcat Importer Affected by VCID-1bxb-dc7f-aaad https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-03T17:37:40.612569+00:00 GHSA Importer Fixing VCID-8ev5-nn75-aaap https://github.com/advisories/GHSA-4prh-gqw8-rgh5 34.0.0rc1