VulnerableCode Package Details - pkg:apache/tomcat@4.1.12

Search for packages

Vulnerability	Summary	Fixed by
VCID-29jw-3gsy-aaad Aliases: CVE-2002-0682	Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script in a URL with the /servlet/ mapping, which does not filter the script when an exception is thrown by the servlet.	4.1.13 Affected by 0 other vulnerabilities.
VCID-3wz7-8vt8-aaam Aliases: CVE-2002-1394 GHSA-8v5p-2cpv-c2x6	Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.	4.1.13 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-29jw-3gsy-aaad
Aliases:
CVE-2002-0682

Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script in a URL with the /servlet/ mapping, which does not filter the script when an exception is thrown by the servlet.

4.1.13
Affected by 0 other vulnerabilities.

VCID-3wz7-8vt8-aaam
Aliases:
CVE-2002-1394
GHSA-8v5p-2cpv-c2x6

Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.

4.1.13
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-ncxu-ua7h-aaab	The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.	CVE-2002-1148 GHSA-jxcv-v856-j5vg

Vulnerability

Summary

Aliases

VCID-ncxu-ua7h-aaab

The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.

CVE-2002-1148
GHSA-jxcv-v856-j5vg

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T13:19:40.626631+00:00	Apache Tomcat Importer	Fixing	VCID-ncxu-ua7h-aaab	https://tomcat.apache.org/security-4.html	36.0.0
2025-03-28T13:19:40.548395+00:00	Apache Tomcat Importer	Affected by	VCID-29jw-3gsy-aaad	https://tomcat.apache.org/security-4.html	36.0.0
2025-03-28T13:19:40.477274+00:00	Apache Tomcat Importer	Affected by	VCID-3wz7-8vt8-aaam	https://tomcat.apache.org/security-4.html	36.0.0
2024-09-18T08:17:50.500620+00:00	Apache Tomcat Importer	Fixing	VCID-ncxu-ua7h-aaab	https://tomcat.apache.org/security-4.html	34.0.1
2024-09-18T08:17:50.424294+00:00	Apache Tomcat Importer	Affected by	VCID-29jw-3gsy-aaad	https://tomcat.apache.org/security-4.html	34.0.1
2024-09-18T08:17:50.355229+00:00	Apache Tomcat Importer	Affected by	VCID-3wz7-8vt8-aaam	https://tomcat.apache.org/security-4.html	34.0.1
2024-01-04T02:15:53.559045+00:00	Apache Tomcat Importer	Fixing	VCID-ncxu-ua7h-aaab	https://tomcat.apache.org/security-4.html	34.0.0rc1
2024-01-04T02:15:53.485450+00:00	Apache Tomcat Importer	Affected by	VCID-29jw-3gsy-aaad	https://tomcat.apache.org/security-4.html	34.0.0rc1
2024-01-04T02:15:53.417439+00:00	Apache Tomcat Importer	Affected by	VCID-3wz7-8vt8-aaam	https://tomcat.apache.org/security-4.html	34.0.0rc1