VulnerableCode Package Details - pkg:apache/tomcat@4.1.2

Search for packages

Package details: pkg:apache/tomcat@4.1.2

Essentials
History (3)

purl	pkg:apache/tomcat@4.1.2

Next non-vulnerable version	4.1.3
Latest non-vulnerable version	11.0.8
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-av1e-fm3v-aaag Aliases: CVE-2002-0935 GHSA-xmf4-j3j7-xj7q	Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang.	4.1.3 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T13:19:40.707965+00:00	Apache Tomcat Importer	Affected by	VCID-av1e-fm3v-aaag	https://tomcat.apache.org/security-4.html	36.0.0
2024-09-18T08:17:50.585773+00:00	Apache Tomcat Importer	Affected by	VCID-av1e-fm3v-aaag	https://tomcat.apache.org/security-4.html	34.0.1
2024-01-04T02:15:53.637728+00:00	Apache Tomcat Importer	Affected by	VCID-av1e-fm3v-aaag	https://tomcat.apache.org/security-4.html	34.0.0rc1