Search for packages
Package details: pkg:maven/org.apache.tomcat/tomcat@6.0.39
purl pkg:maven/org.apache.tomcat/tomcat@6.0.39
Tags Ghost
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 10.0
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-3vzq-2cx8-aaab
Aliases:
CVE-2014-0099
GHSA-xh5x-j8jf-pcpx
Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
6.0.40
Affected by 0 other vulnerabilities.
6.0.41
Affected by 1 other vulnerability.
7.0.53
Affected by 51 other vulnerabilities.
7.0.54
Affected by 48 other vulnerabilities.
8.0.5
Affected by 39 other vulnerabilities.
8.0.6
Affected by 0 other vulnerabilities.
8.0.8
Affected by 36 other vulnerabilities.
VCID-691b-gvyr-aaaj
Aliases:
CVE-2014-0096
GHSA-qprx-q2r7-3rx6
java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
6.0.40
Affected by 0 other vulnerabilities.
6.0.41
Affected by 1 other vulnerability.
7.0.53
Affected by 51 other vulnerabilities.
7.0.54
Affected by 48 other vulnerabilities.
8.0.5
Affected by 39 other vulnerabilities.
8.0.6
Affected by 0 other vulnerabilities.
8.0.8
Affected by 36 other vulnerabilities.
VCID-cnyr-2n1f-aaar
Aliases:
CVE-2014-0119
GHSA-prc3-7f44-w48j
Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application.
6.0.40
Affected by 0 other vulnerabilities.
6.0.41
Affected by 1 other vulnerability.
7.0.54
Affected by 48 other vulnerabilities.
8.0.6
Affected by 0 other vulnerabilities.
8.0.8
Affected by 36 other vulnerabilities.
VCID-u3ks-rt2w-aaaf
Aliases:
CVE-2014-0075
GHSA-475f-74wp-pqv5
Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.
6.0.40
Affected by 0 other vulnerabilities.
6.0.41
Affected by 1 other vulnerability.
7.0.53
Affected by 51 other vulnerabilities.
8.0.4
Affected by 0 other vulnerabilities.
8.0.5
Affected by 39 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-03-28T13:19:33.547008+00:00 Apache Tomcat Importer Fixing VCID-n2sr-4pag-aaas https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:33.483886+00:00 Apache Tomcat Importer Fixing VCID-3k3s-uk1p-aaag https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:33.426801+00:00 Apache Tomcat Importer Fixing VCID-frgh-n7zt-aaar https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:33.376473+00:00 Apache Tomcat Importer Fixing VCID-mmcg-y2kn-aaab https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:33.323358+00:00 Apache Tomcat Importer Fixing VCID-dcgs-veeg-aaah https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:33.269361+00:00 Apache Tomcat Importer Affected by VCID-cnyr-2n1f-aaar https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:33.210153+00:00 Apache Tomcat Importer Affected by VCID-3vzq-2cx8-aaab https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:33.160011+00:00 Apache Tomcat Importer Affected by VCID-691b-gvyr-aaaj https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:33.113105+00:00 Apache Tomcat Importer Affected by VCID-u3ks-rt2w-aaaf https://tomcat.apache.org/security-6.html 36.0.0
2025-01-17T02:29:15.458344+00:00 GHSA Importer Fixing VCID-3k3s-uk1p-aaag None 35.1.0
2024-10-15T18:08:43.995483+00:00 GithubOSV Importer Fixing VCID-3k3s-uk1p-aaag https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-87w9-x2c3-hrjj/GHSA-87w9-x2c3-hrjj.json 34.0.2
2024-10-15T18:08:41.262327+00:00 GithubOSV Importer Fixing VCID-frgh-n7zt-aaar https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-wq2p-q66w-q8gp/GHSA-wq2p-q66w-q8gp.json 34.0.2
2024-10-15T18:08:39.759784+00:00 GithubOSV Importer Fixing VCID-mmcg-y2kn-aaab https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-j448-j653-r3vj/GHSA-j448-j653-r3vj.json 34.0.2
2024-09-18T09:13:58.495303+00:00 GithubOSV Importer Fixing VCID-3k3s-uk1p-aaag https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-87w9-x2c3-hrjj/GHSA-87w9-x2c3-hrjj.json 34.0.1
2024-09-18T09:10:37.170661+00:00 GithubOSV Importer Fixing VCID-mmcg-y2kn-aaab https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-j448-j653-r3vj/GHSA-j448-j653-r3vj.json 34.0.1
2024-09-18T09:08:40.532784+00:00 GithubOSV Importer Fixing VCID-frgh-n7zt-aaar https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-wq2p-q66w-q8gp/GHSA-wq2p-q66w-q8gp.json 34.0.1
2024-09-18T08:17:43.602472+00:00 Apache Tomcat Importer Fixing VCID-n2sr-4pag-aaas https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:43.551596+00:00 Apache Tomcat Importer Fixing VCID-3k3s-uk1p-aaag https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:43.501036+00:00 Apache Tomcat Importer Fixing VCID-frgh-n7zt-aaar https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:43.451927+00:00 Apache Tomcat Importer Fixing VCID-mmcg-y2kn-aaab https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:43.399495+00:00 Apache Tomcat Importer Fixing VCID-dcgs-veeg-aaah https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:43.348206+00:00 Apache Tomcat Importer Affected by VCID-cnyr-2n1f-aaar https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:43.295219+00:00 Apache Tomcat Importer Affected by VCID-3vzq-2cx8-aaab https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:43.249940+00:00 Apache Tomcat Importer Affected by VCID-691b-gvyr-aaaj https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:43.204250+00:00 Apache Tomcat Importer Affected by VCID-u3ks-rt2w-aaaf https://tomcat.apache.org/security-6.html 34.0.1
2024-09-17T22:36:50.823026+00:00 GitLab Importer Fixing VCID-mmcg-y2kn-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2013-4286.yml 34.0.1
2024-09-17T22:36:43.519121+00:00 GitLab Importer Fixing VCID-3k3s-uk1p-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2013-4590.yml 34.0.1
2024-09-17T22:36:34.108699+00:00 GitLab Importer Fixing VCID-frgh-n7zt-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2013-4322.yml 34.0.1
2024-09-17T22:03:09.331861+00:00 GHSA Importer Fixing VCID-mmcg-y2kn-aaab https://github.com/advisories/GHSA-j448-j653-r3vj 34.0.1
2024-09-17T22:03:08.977869+00:00 GHSA Importer Fixing VCID-frgh-n7zt-aaar https://github.com/advisories/GHSA-wq2p-q66w-q8gp 34.0.1
2024-09-17T22:01:00.000845+00:00 GHSA Importer Fixing VCID-3k3s-uk1p-aaag https://github.com/advisories/GHSA-87w9-x2c3-hrjj 34.0.1
2024-04-23T23:08:53.150444+00:00 GithubOSV Importer Fixing VCID-3k3s-uk1p-aaag https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-87w9-x2c3-hrjj/GHSA-87w9-x2c3-hrjj.json 34.0.0rc4
2024-04-23T23:06:16.498541+00:00 GithubOSV Importer Fixing VCID-mmcg-y2kn-aaab https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-j448-j653-r3vj/GHSA-j448-j653-r3vj.json 34.0.0rc4
2024-04-23T23:04:39.526211+00:00 GithubOSV Importer Fixing VCID-frgh-n7zt-aaar https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-wq2p-q66w-q8gp/GHSA-wq2p-q66w-q8gp.json 34.0.0rc4
2024-04-23T17:40:34.110138+00:00 GHSA Importer Fixing VCID-mmcg-y2kn-aaab https://github.com/advisories/GHSA-j448-j653-r3vj 34.0.0rc4
2024-04-23T17:40:33.692662+00:00 GHSA Importer Fixing VCID-frgh-n7zt-aaar https://github.com/advisories/GHSA-wq2p-q66w-q8gp 34.0.0rc4
2024-04-23T17:40:03.610424+00:00 GHSA Importer Fixing VCID-3k3s-uk1p-aaag https://github.com/advisories/GHSA-87w9-x2c3-hrjj 34.0.0rc4
2024-01-04T02:15:46.699860+00:00 Apache Tomcat Importer Fixing VCID-n2sr-4pag-aaas https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:46.652370+00:00 Apache Tomcat Importer Fixing VCID-3k3s-uk1p-aaag https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:46.604906+00:00 Apache Tomcat Importer Fixing VCID-frgh-n7zt-aaar https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:46.558411+00:00 Apache Tomcat Importer Fixing VCID-mmcg-y2kn-aaab https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:46.508809+00:00 Apache Tomcat Importer Fixing VCID-dcgs-veeg-aaah https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:46.454023+00:00 Apache Tomcat Importer Affected by VCID-cnyr-2n1f-aaar https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:46.396227+00:00 Apache Tomcat Importer Affected by VCID-3vzq-2cx8-aaab https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:46.348178+00:00 Apache Tomcat Importer Affected by VCID-691b-gvyr-aaaj https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:46.298445+00:00 Apache Tomcat Importer Affected by VCID-u3ks-rt2w-aaaf https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-03T17:59:54.430122+00:00 GitLab Importer Fixing VCID-mmcg-y2kn-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2013-4286.yml 34.0.0rc1
2024-01-03T17:59:47.335850+00:00 GitLab Importer Fixing VCID-3k3s-uk1p-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2013-4590.yml 34.0.0rc1
2024-01-03T17:59:38.673648+00:00 GitLab Importer Fixing VCID-frgh-n7zt-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2013-4322.yml 34.0.0rc1
2024-01-03T17:39:10.511412+00:00 GHSA Importer Fixing VCID-3k3s-uk1p-aaag https://github.com/advisories/GHSA-87w9-x2c3-hrjj 34.0.0rc1
2024-01-03T17:37:57.241981+00:00 GHSA Importer Fixing VCID-mmcg-y2kn-aaab https://github.com/advisories/GHSA-j448-j653-r3vj 34.0.0rc1
2024-01-03T17:37:56.855558+00:00 GHSA Importer Fixing VCID-frgh-n7zt-aaar https://github.com/advisories/GHSA-wq2p-q66w-q8gp 34.0.0rc1