Search for packages
Package details: pkg:maven/org.apache.tomcat/tomcat@6.0.45
purl pkg:maven/org.apache.tomcat/tomcat@6.0.45
Tags Ghost
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.5
Vulnerabilities affecting this package (5)
Vulnerability Summary Fixed by
VCID-3kmg-uhrj-aaaq
Aliases:
CVE-2016-6797
GHSA-q6x7-f33r-3wxx
The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not.
6.0.47
Affected by 2 other vulnerabilities.
7.0.72
Affected by 32 other vulnerabilities.
8.0.37
Affected by 20 other vulnerabilities.
8.5.5
Affected by 56 other vulnerabilities.
9.0.0.M10
Affected by 57 other vulnerabilities.
VCID-3spb-m822-aaab
Aliases:
CVE-2016-6794
GHSA-2rvf-329f-p99g
System Property Disclosure in Apache Tomcat
6.0.47
Affected by 2 other vulnerabilities.
7.0.72
Affected by 32 other vulnerabilities.
8.0.37
Affected by 20 other vulnerabilities.
8.5.5
Affected by 56 other vulnerabilities.
9.0.0.M10
Affected by 57 other vulnerabilities.
VCID-bwx4-6bsd-aaaf
Aliases:
CVE-2016-0762
GHSA-wxcp-f2c8-x6xv
Information Exposure Through Timing Discrepancy The Realm implementations in Apache Tomcat does not process the supplied password if the supplied user name did not exist which makes it possible to use a timing attack to determine valid user names.
6.0.46
Affected by 0 other vulnerabilities.
6.0.47
Affected by 2 other vulnerabilities.
7.0.72
Affected by 32 other vulnerabilities.
8.0.37
Affected by 20 other vulnerabilities.
8.5.5
Affected by 56 other vulnerabilities.
9.0.0.M10
Affected by 57 other vulnerabilities.
VCID-msaf-115m-aaaq
Aliases:
CVE-2016-6796
GHSA-3mjp-p938-4329
A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet.
6.0.46
Affected by 0 other vulnerabilities.
6.0.47
Affected by 2 other vulnerabilities.
7.0.71
Affected by 0 other vulnerabilities.
7.0.72
Affected by 32 other vulnerabilities.
8.0.37
Affected by 20 other vulnerabilities.
8.5.5
Affected by 56 other vulnerabilities.
9.0.0.M10
Affected by 57 other vulnerabilities.
VCID-szah-tgau-aaad
Aliases:
CVE-2016-5018
GHSA-4v3g-g84w-hv7r
Improper Access Control In Apache Tomcat, a malicious web application was able to bypass a configured `SecurityManager` via a Tomcat utility method that was accessible to web applications.
6.0.47
Affected by 2 other vulnerabilities.
7.0.72
Affected by 32 other vulnerabilities.
8.0.37
Affected by 20 other vulnerabilities.
8.5.5
Affected by 56 other vulnerabilities.
9.0.0.M10
Affected by 57 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-03-28T13:19:32.908339+00:00 Apache Tomcat Importer Fixing VCID-zwru-xv8h-aaae https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:32.851148+00:00 Apache Tomcat Importer Fixing VCID-8ff2-1h4t-aaaa https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:32.797428+00:00 Apache Tomcat Importer Fixing VCID-en12-rf3h-aaah https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:32.740076+00:00 Apache Tomcat Importer Fixing VCID-c5ge-w5qj-aaam https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:32.680756+00:00 Apache Tomcat Importer Affected by VCID-bwx4-6bsd-aaaf https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:32.629376+00:00 Apache Tomcat Importer Affected by VCID-szah-tgau-aaad https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:32.575271+00:00 Apache Tomcat Importer Affected by VCID-3spb-m822-aaab https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:32.524626+00:00 Apache Tomcat Importer Affected by VCID-msaf-115m-aaaq https://tomcat.apache.org/security-6.html 36.0.0
2025-03-28T13:19:32.466823+00:00 Apache Tomcat Importer Affected by VCID-3kmg-uhrj-aaaq https://tomcat.apache.org/security-6.html 36.0.0
2025-01-17T02:29:53.950729+00:00 GHSA Importer Affected by VCID-bwx4-6bsd-aaaf None 35.1.0
2025-01-17T02:29:51.640155+00:00 GHSA Importer Fixing VCID-8ff2-1h4t-aaaa None 35.1.0
2025-01-17T02:29:44.950698+00:00 GHSA Importer Fixing VCID-en12-rf3h-aaah None 35.1.0
2025-01-17T02:29:42.499008+00:00 GHSA Importer Fixing VCID-c5ge-w5qj-aaam None 35.1.0
2024-10-15T18:09:54.628158+00:00 GithubOSV Importer Fixing VCID-c5ge-w5qj-aaam https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-6qr6-x7jm-x2q6/GHSA-6qr6-x7jm-x2q6.json 34.0.2
2024-09-18T09:14:04.519718+00:00 GithubOSV Importer Fixing VCID-en12-rf3h-aaah https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-rh8q-vjgf-gf74/GHSA-rh8q-vjgf-gf74.json 34.0.1
2024-09-18T09:12:49.518324+00:00 GithubOSV Importer Fixing VCID-c5ge-w5qj-aaam https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-6qr6-x7jm-x2q6/GHSA-6qr6-x7jm-x2q6.json 34.0.1
2024-09-18T09:11:19.442064+00:00 GithubOSV Importer Fixing VCID-8ff2-1h4t-aaaa https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-6vx3-hr43-cfrh/GHSA-6vx3-hr43-cfrh.json 34.0.1
2024-09-18T08:17:43.019700+00:00 Apache Tomcat Importer Fixing VCID-zwru-xv8h-aaae https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:42.964875+00:00 Apache Tomcat Importer Fixing VCID-8ff2-1h4t-aaaa https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:42.916142+00:00 Apache Tomcat Importer Fixing VCID-en12-rf3h-aaah https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:42.864379+00:00 Apache Tomcat Importer Fixing VCID-c5ge-w5qj-aaam https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:42.807605+00:00 Apache Tomcat Importer Affected by VCID-bwx4-6bsd-aaaf https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:42.757007+00:00 Apache Tomcat Importer Affected by VCID-szah-tgau-aaad https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:42.702153+00:00 Apache Tomcat Importer Affected by VCID-3spb-m822-aaab https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:42.652455+00:00 Apache Tomcat Importer Affected by VCID-msaf-115m-aaaq https://tomcat.apache.org/security-6.html 34.0.1
2024-09-18T08:17:42.594197+00:00 Apache Tomcat Importer Affected by VCID-3kmg-uhrj-aaaq https://tomcat.apache.org/security-6.html 34.0.1
2024-09-17T22:36:48.334147+00:00 GitLab Importer Affected by VCID-bwx4-6bsd-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2016-0762.yml 34.0.1
2024-09-17T22:36:44.134664+00:00 GitLab Importer Fixing VCID-8ff2-1h4t-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2016-0706.yml 34.0.1
2024-09-17T22:36:42.995509+00:00 GitLab Importer Fixing VCID-c5ge-w5qj-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2015-5174.yml 34.0.1
2024-09-17T22:36:41.592291+00:00 GitLab Importer Affected by VCID-msaf-115m-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2016-6796.yml 34.0.1
2024-09-17T22:36:35.955885+00:00 GitLab Importer Fixing VCID-en12-rf3h-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2015-5345.yml 34.0.1
2024-09-17T22:04:27.370805+00:00 GHSA Importer Fixing VCID-c5ge-w5qj-aaam https://github.com/advisories/GHSA-6qr6-x7jm-x2q6 34.0.1
2024-09-17T22:02:07.302902+00:00 GHSA Importer Fixing VCID-en12-rf3h-aaah https://github.com/advisories/GHSA-rh8q-vjgf-gf74 34.0.1
2024-09-17T22:02:06.881956+00:00 GHSA Importer Fixing VCID-8ff2-1h4t-aaaa https://github.com/advisories/GHSA-6vx3-hr43-cfrh 34.0.1
2024-09-17T22:02:04.811280+00:00 GHSA Importer Affected by VCID-msaf-115m-aaaq https://github.com/advisories/GHSA-3mjp-p938-4329 34.0.1
2024-09-17T22:00:57.981188+00:00 GHSA Importer Affected by VCID-bwx4-6bsd-aaaf https://github.com/advisories/GHSA-wxcp-f2c8-x6xv 34.0.1
2024-04-23T23:08:58.595415+00:00 GithubOSV Importer Fixing VCID-en12-rf3h-aaah https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-rh8q-vjgf-gf74/GHSA-rh8q-vjgf-gf74.json 34.0.0rc4
2024-04-23T23:08:00.491420+00:00 GithubOSV Importer Fixing VCID-c5ge-w5qj-aaam https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-6qr6-x7jm-x2q6/GHSA-6qr6-x7jm-x2q6.json 34.0.0rc4
2024-04-23T23:06:49.898378+00:00 GithubOSV Importer Fixing VCID-8ff2-1h4t-aaaa https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-6vx3-hr43-cfrh/GHSA-6vx3-hr43-cfrh.json 34.0.0rc4
2024-04-23T17:40:25.549526+00:00 GHSA Importer Fixing VCID-en12-rf3h-aaah https://github.com/advisories/GHSA-rh8q-vjgf-gf74 34.0.0rc4
2024-04-23T17:40:23.478705+00:00 GHSA Importer Affected by VCID-msaf-115m-aaaq https://github.com/advisories/GHSA-3mjp-p938-4329 34.0.0rc4
2024-04-23T17:40:01.380212+00:00 GHSA Importer Affected by VCID-bwx4-6bsd-aaaf https://github.com/advisories/GHSA-wxcp-f2c8-x6xv 34.0.0rc4
2024-01-04T02:15:46.111096+00:00 Apache Tomcat Importer Fixing VCID-zwru-xv8h-aaae https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:46.056887+00:00 Apache Tomcat Importer Fixing VCID-8ff2-1h4t-aaaa https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:46.010990+00:00 Apache Tomcat Importer Fixing VCID-en12-rf3h-aaah https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:45.962468+00:00 Apache Tomcat Importer Fixing VCID-c5ge-w5qj-aaam https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:45.914493+00:00 Apache Tomcat Importer Affected by VCID-bwx4-6bsd-aaaf https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:45.867892+00:00 Apache Tomcat Importer Affected by VCID-szah-tgau-aaad https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:45.813775+00:00 Apache Tomcat Importer Affected by VCID-3spb-m822-aaab https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:45.769558+00:00 Apache Tomcat Importer Affected by VCID-msaf-115m-aaaq https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-04T02:15:45.713429+00:00 Apache Tomcat Importer Affected by VCID-3kmg-uhrj-aaaq https://tomcat.apache.org/security-6.html 34.0.0rc1
2024-01-03T17:59:52.218385+00:00 GitLab Importer Affected by VCID-bwx4-6bsd-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2016-0762.yml 34.0.0rc1
2024-01-03T17:59:48.150760+00:00 GitLab Importer Fixing VCID-8ff2-1h4t-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2016-0706.yml 34.0.0rc1
2024-01-03T17:59:46.704809+00:00 GitLab Importer Fixing VCID-c5ge-w5qj-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2015-5174.yml 34.0.0rc1
2024-01-03T17:59:45.406981+00:00 GitLab Importer Affected by VCID-msaf-115m-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2016-6796.yml 34.0.0rc1
2024-01-03T17:59:40.738334+00:00 GitLab Importer Fixing VCID-en12-rf3h-aaah https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2015-5345.yml 34.0.0rc1
2024-01-03T17:39:16.605401+00:00 GHSA Importer Affected by VCID-bwx4-6bsd-aaaf https://github.com/advisories/GHSA-wxcp-f2c8-x6xv 34.0.0rc1
2024-01-03T17:39:16.113992+00:00 GHSA Importer Fixing VCID-c5ge-w5qj-aaam https://github.com/advisories/GHSA-6qr6-x7jm-x2q6 34.0.0rc1
2024-01-03T17:36:59.791358+00:00 GHSA Importer Fixing VCID-en12-rf3h-aaah https://github.com/advisories/GHSA-rh8q-vjgf-gf74 34.0.0rc1
2024-01-03T17:36:59.354174+00:00 GHSA Importer Fixing VCID-8ff2-1h4t-aaaa https://github.com/advisories/GHSA-6vx3-hr43-cfrh 34.0.0rc1
2024-01-03T17:36:57.517089+00:00 GHSA Importer Affected by VCID-szah-tgau-aaad https://github.com/advisories/GHSA-4v3g-g84w-hv7r 34.0.0rc1
2024-01-03T17:36:55.740050+00:00 GHSA Importer Affected by VCID-msaf-115m-aaaq https://github.com/advisories/GHSA-3mjp-p938-4329 34.0.0rc1