Search for packages
| purl | pkg:apache/tomcat@4.0.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-av1e-fm3v-aaag
Aliases: CVE-2002-0935 GHSA-xmf4-j3j7-xj7q |
Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang. |
Affected by 0 other vulnerabilities. |
|
VCID-ncxu-ua7h-aaab
Aliases: CVE-2002-1148 GHSA-jxcv-v856-j5vg |
The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet. |
Affected by 2 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T13:19:40.693360+00:00 | Apache Tomcat Importer | Affected by | VCID-av1e-fm3v-aaag | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:40.612074+00:00 | Apache Tomcat Importer | Affected by | VCID-ncxu-ua7h-aaab | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2024-09-18T08:17:50.570143+00:00 | Apache Tomcat Importer | Affected by | VCID-av1e-fm3v-aaag | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:50.485289+00:00 | Apache Tomcat Importer | Affected by | VCID-ncxu-ua7h-aaab | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-01-04T02:15:53.623501+00:00 | Apache Tomcat Importer | Affected by | VCID-av1e-fm3v-aaag | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:53.545061+00:00 | Apache Tomcat Importer | Affected by | VCID-ncxu-ua7h-aaab | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |