Search for packages
Package details: pkg:maven/org.apache.tomcat/tomcat@6.0.35
purl pkg:maven/org.apache.tomcat/tomcat@6.0.35
Tags Ghost
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.0
Vulnerabilities affecting this package (5)
Vulnerability Summary Fixed by
VCID-h97e-vw19-aaap
Aliases:
CVE-2012-2733
java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.
6.0.36
Affected by 2 other vulnerabilities.
7.0.28
Affected by 1 other vulnerability.
VCID-ntxm-uwj5-aaae
Aliases:
CVE-2012-4431
GHSA-76vr-72mv-mf3q
org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.
6.0.36
Affected by 2 other vulnerabilities.
7.0.32
Affected by 1 other vulnerability.
VCID-rd75-u224-aaaj
Aliases:
CVE-2012-3546
GHSA-jgm2-m5cg-f66g
org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when FORM authentication is used, allows remote attackers to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_check at the end of a URI.
6.0.36
Affected by 2 other vulnerabilities.
7.0.30
Affected by 0 other vulnerabilities.
VCID-se2g-2qje-aaab
Aliases:
CVE-2012-4534
org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response.
6.0.36
Affected by 2 other vulnerabilities.
7.0.28
Affected by 1 other vulnerability.
VCID-ua97-8gn8-aaaq
Aliases:
CVE-2012-3439
CVE-2012-3439 Rejected: CVE-2012-3439
6.0.36
Affected by 2 other vulnerabilities.
7.0.30
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-03-28T13:19:34.111460+00:00 Apache Tomcat Importer Fixing VCID-hfvf-t5zf-aaaf https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:34.047565+00:00 Apache Tomcat Importer Fixing VCID-49pd-2mxh-aaaq https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:33.993287+00:00 Apache Tomcat Importer Fixing VCID-21dz-gxvm-aaam https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:33.934016+00:00 Apache Tomcat Importer Affected by VCID-se2g-2qje-aaab https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:33.877331+00:00 Apache Tomcat Importer Affected by VCID-ntxm-uwj5-aaae https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:33.823196+00:00 Apache Tomcat Importer Affected by VCID-rd75-u224-aaaj https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:33.768691+00:00 Apache Tomcat Importer Affected by VCID-ua97-8gn8-aaaq https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:33.713997+00:00 Apache Tomcat Importer Affected by VCID-h97e-vw19-aaap https://tomcat.apache.org/security-6.html 36.0.0
2025-01-17T02:28:48.902318+00:00 GHSA Importer Fixing VCID-rhcq-wuxw-aaad None 35.1.0
2024-10-15T18:07:55.878309+00:00 GithubOSV Importer Fixing VCID-rhcq-wuxw-aaad https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-wr3m-gw98-mc3j/GHSA-wr3m-gw98-mc3j.json 34.0.2
2024-10-15T18:07:51.573537+00:00 GithubOSV Importer Fixing VCID-21dz-gxvm-aaam https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-rp8h-vr48-4j8p/GHSA-rp8h-vr48-4j8p.json 34.0.2
2024-10-15T18:07:40.441723+00:00 GithubOSV Importer Fixing VCID-q83w-hakh-aaaa https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-pvjh-7h8q-q56r/GHSA-pvjh-7h8q-q56r.json 34.0.2
2024-09-18T09:12:33.087322+00:00 GithubOSV Importer Fixing VCID-q83w-hakh-aaaa https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-pvjh-7h8q-q56r/GHSA-pvjh-7h8q-q56r.json 34.0.1
2024-09-18T09:10:52.056005+00:00 GithubOSV Importer Fixing VCID-rhcq-wuxw-aaad https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-wr3m-gw98-mc3j/GHSA-wr3m-gw98-mc3j.json 34.0.1
2024-09-18T09:07:53.459328+00:00 GithubOSV Importer Fixing VCID-21dz-gxvm-aaam https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-rp8h-vr48-4j8p/GHSA-rp8h-vr48-4j8p.json 34.0.1
2024-09-18T08:17:44.129783+00:00 Apache Tomcat Importer Fixing VCID-hfvf-t5zf-aaaf https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:44.074007+00:00 Apache Tomcat Importer Fixing VCID-49pd-2mxh-aaaq https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:44.026078+00:00 Apache Tomcat Importer Fixing VCID-21dz-gxvm-aaam https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:43.968326+00:00 Apache Tomcat Importer Affected by VCID-se2g-2qje-aaab https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:43.915152+00:00 Apache Tomcat Importer Affected by VCID-ntxm-uwj5-aaae https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:43.863591+00:00 Apache Tomcat Importer Affected by VCID-rd75-u224-aaaj https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:43.803935+00:00 Apache Tomcat Importer Affected by VCID-ua97-8gn8-aaaq https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:43.751569+00:00 Apache Tomcat Importer Affected by VCID-h97e-vw19-aaap https://tomcat.apache.org/security-6.html 34.0.1
2024-09-17T22:36:45.572816+00:00 GitLab Importer Fixing VCID-21dz-gxvm-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2011-3375.yml 34.0.1
2024-09-17T22:36:32.230648+00:00 GitLab Importer Fixing VCID-q83w-hakh-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2010-4312.yml 34.0.1
2024-09-17T22:36:29.844429+00:00 GitLab Importer Fixing VCID-rhcq-wuxw-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2011-4858.yml 34.0.1
2024-09-17T22:04:21.078261+00:00 GHSA Importer Fixing VCID-rhcq-wuxw-aaad https://github.com/advisories/GHSA-wr3m-gw98-mc3j 34.0.1
2024-09-17T22:01:20.834168+00:00 GHSA Importer Fixing VCID-21dz-gxvm-aaam https://github.com/advisories/GHSA-rp8h-vr48-4j8p 34.0.1
2024-09-17T22:01:10.604459+00:00 GHSA Importer Fixing VCID-q83w-hakh-aaaa https://github.com/advisories/GHSA-pvjh-7h8q-q56r 34.0.1
2024-04-23T23:07:49.023163+00:00 GithubOSV Importer Fixing VCID-q83w-hakh-aaaa https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-pvjh-7h8q-q56r/GHSA-pvjh-7h8q-q56r.json 34.0.0rc4
2024-04-23T23:06:29.017659+00:00 GithubOSV Importer Fixing VCID-rhcq-wuxw-aaad https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-wr3m-gw98-mc3j/GHSA-wr3m-gw98-mc3j.json 34.0.0rc4
2024-04-23T23:04:01.413416+00:00 GithubOSV Importer Fixing VCID-21dz-gxvm-aaam https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-rp8h-vr48-4j8p/GHSA-rp8h-vr48-4j8p.json 34.0.0rc4
2024-02-10T15:38:46.258403+00:00 GitLab Importer Fixing VCID-q83w-hakh-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2010-4312.yml 34.0.0rc2
2024-02-08T00:40:06.941854+00:00 GHSA Importer Fixing VCID-q83w-hakh-aaaa https://github.com/advisories/GHSA-pvjh-7h8q-q56r 34.0.0rc2
2024-01-22T15:44:08.776766+00:00 GitLab Importer Fixing VCID-21dz-gxvm-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2011-3375.yml 34.0.0rc2
2024-01-19T20:15:33.209932+00:00 GHSA Importer Fixing VCID-21dz-gxvm-aaam https://github.com/advisories/GHSA-rp8h-vr48-4j8p 34.0.0rc2
2024-01-04T02:15:47.226447+00:00 Apache Tomcat Importer Fixing VCID-hfvf-t5zf-aaaf https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:47.164353+00:00 Apache Tomcat Importer Fixing VCID-49pd-2mxh-aaaq https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:47.108973+00:00 Apache Tomcat Importer Fixing VCID-21dz-gxvm-aaam https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:47.049767+00:00 Apache Tomcat Importer Affected by VCID-se2g-2qje-aaab https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:46.999759+00:00 Apache Tomcat Importer Affected by VCID-ntxm-uwj5-aaae https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:46.949748+00:00 Apache Tomcat Importer Affected by VCID-rd75-u224-aaaj https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:46.897041+00:00 Apache Tomcat Importer Affected by VCID-ua97-8gn8-aaaq https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:46.844812+00:00 Apache Tomcat Importer Affected by VCID-h97e-vw19-aaap https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-03T17:59:35.014004+00:00 GitLab Importer Fixing VCID-rhcq-wuxw-aaad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2011-4858.yml 34.0.0rc1
2024-01-03T17:39:05.178177+00:00 GHSA Importer Fixing VCID-rhcq-wuxw-aaad https://github.com/advisories/GHSA-wr3m-gw98-mc3j 34.0.0rc1