VulnerableCode Package Details - pkg:apache/tomcat@4.1.32

Search for packages

Vulnerability	Summary	Fixed by
VCID-yjr6-wr65-aaab Aliases: CVE-2008-4308 GHSA-7g59-hm8v-cwmc	CVE-2008-4308 tomcat information disclosure vulnerability	4.1.35 Affected by 0 other vulnerabilities. 5.5.21 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-yjr6-wr65-aaab
Aliases:
CVE-2008-4308
GHSA-7g59-hm8v-cwmc

CVE-2008-4308 tomcat information disclosure vulnerability

4.1.35
Affected by 0 other vulnerabilities.

5.5.21
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
VCID-31ma-z76n-aaaa	CVE-2007-1858 tomcat anonymous cipher issue	CVE-2007-1858
VCID-3cn3-wbw7-aaaf	Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp. NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries.	CVE-2005-4838
VCID-gte7-xda1-aaas	Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files.	CVE-2005-3510 GHSA-8f4w-jwqv-5cxc
VCID-mtv2-58p5-aaag	CVE-2008-3271 tomcat RemoteFilterValve Information disclosure	CVE-2008-3271
VCID-ugfm-9gaz-aaab	CVE-2006-3835 tomcat directory listing issue	CVE-2006-3835 GHSA-wfj7-mhr5-pcwq
VCID-zpve-n9ex-aaak	CVE-2006-7196 tomcat XSS in example webapps	CVE-2006-7196 GHSA-pm78-wxxf-fw98

Vulnerability

Summary

Aliases

VCID-31ma-z76n-aaaa

CVE-2007-1858 tomcat anonymous cipher issue

CVE-2007-1858

VCID-3cn3-wbw7-aaaf

Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp. NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries.

CVE-2005-4838

VCID-gte7-xda1-aaas

Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files.

CVE-2005-3510
GHSA-8f4w-jwqv-5cxc

VCID-mtv2-58p5-aaag

CVE-2008-3271 tomcat RemoteFilterValve Information disclosure

CVE-2008-3271

VCID-ugfm-9gaz-aaab

CVE-2006-3835 tomcat directory listing issue

CVE-2006-3835
GHSA-wfj7-mhr5-pcwq

VCID-zpve-n9ex-aaak

CVE-2006-7196 tomcat XSS in example webapps

CVE-2006-7196
GHSA-pm78-wxxf-fw98

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T13:19:40.364995+00:00	Apache Tomcat Importer	Fixing	VCID-gte7-xda1-aaas	https://tomcat.apache.org/security-4.html	36.0.0
2025-03-28T13:19:40.297105+00:00	Apache Tomcat Importer	Fixing	VCID-3cn3-wbw7-aaaf	https://tomcat.apache.org/security-4.html	36.0.0
2025-03-28T13:19:40.229262+00:00	Apache Tomcat Importer	Fixing	VCID-ugfm-9gaz-aaab	https://tomcat.apache.org/security-4.html	36.0.0
2025-03-28T13:19:40.156135+00:00	Apache Tomcat Importer	Fixing	VCID-zpve-n9ex-aaak	https://tomcat.apache.org/security-4.html	36.0.0
2025-03-28T13:19:40.096083+00:00	Apache Tomcat Importer	Fixing	VCID-31ma-z76n-aaaa	https://tomcat.apache.org/security-4.html	36.0.0
2025-03-28T13:19:40.042817+00:00	Apache Tomcat Importer	Fixing	VCID-mtv2-58p5-aaag	https://tomcat.apache.org/security-4.html	36.0.0
2025-03-28T13:19:39.985940+00:00	Apache Tomcat Importer	Affected by	VCID-yjr6-wr65-aaab	https://tomcat.apache.org/security-4.html	36.0.0
2024-09-18T08:17:50.242230+00:00	Apache Tomcat Importer	Fixing	VCID-gte7-xda1-aaas	https://tomcat.apache.org/security-4.html	34.0.1
2024-09-18T08:17:50.175580+00:00	Apache Tomcat Importer	Fixing	VCID-3cn3-wbw7-aaaf	https://tomcat.apache.org/security-4.html	34.0.1
2024-09-18T08:17:50.106805+00:00	Apache Tomcat Importer	Fixing	VCID-ugfm-9gaz-aaab	https://tomcat.apache.org/security-4.html	34.0.1
2024-09-18T08:17:50.040803+00:00	Apache Tomcat Importer	Fixing	VCID-zpve-n9ex-aaak	https://tomcat.apache.org/security-4.html	34.0.1
2024-09-18T08:17:49.981439+00:00	Apache Tomcat Importer	Fixing	VCID-31ma-z76n-aaaa	https://tomcat.apache.org/security-4.html	34.0.1
2024-09-18T08:17:49.919779+00:00	Apache Tomcat Importer	Fixing	VCID-mtv2-58p5-aaag	https://tomcat.apache.org/security-4.html	34.0.1
2024-09-18T08:17:49.856014+00:00	Apache Tomcat Importer	Affected by	VCID-yjr6-wr65-aaab	https://tomcat.apache.org/security-4.html	34.0.1
2024-01-04T02:15:53.310015+00:00	Apache Tomcat Importer	Fixing	VCID-gte7-xda1-aaas	https://tomcat.apache.org/security-4.html	34.0.0rc1
2024-01-04T02:15:53.241364+00:00	Apache Tomcat Importer	Fixing	VCID-3cn3-wbw7-aaaf	https://tomcat.apache.org/security-4.html	34.0.0rc1
2024-01-04T02:15:53.174307+00:00	Apache Tomcat Importer	Fixing	VCID-ugfm-9gaz-aaab	https://tomcat.apache.org/security-4.html	34.0.0rc1
2024-01-04T02:15:53.106067+00:00	Apache Tomcat Importer	Fixing	VCID-zpve-n9ex-aaak	https://tomcat.apache.org/security-4.html	34.0.0rc1
2024-01-04T02:15:53.048618+00:00	Apache Tomcat Importer	Fixing	VCID-31ma-z76n-aaaa	https://tomcat.apache.org/security-4.html	34.0.0rc1
2024-01-04T02:15:53.001474+00:00	Apache Tomcat Importer	Fixing	VCID-mtv2-58p5-aaag	https://tomcat.apache.org/security-4.html	34.0.0rc1
2024-01-04T02:15:52.947671+00:00	Apache Tomcat Importer	Affected by	VCID-yjr6-wr65-aaab	https://tomcat.apache.org/security-4.html	34.0.0rc1