VulnerableCode Package Details - pkg:apache/tomcat@5.0.0

Search for packages

Package details: pkg:apache/tomcat@5.0.0

Essentials
History (45)

purl	pkg:apache/tomcat@5.0.0

Next non-vulnerable version	5.5.1
Latest non-vulnerable version	11.0.8
Risk	10.0

Vulnerabilities affecting this package (15)

Vulnerability	Summary	Fixed by
VCID-17mt-cmdb-aaar Aliases: CVE-2006-7195 GHSA-p57v-p3fx-qgwm	CVE-2006-7195 tomcat XSS in example webapps	5.5.18 Affected by 0 other vulnerabilities.
VCID-1bxb-dc7f-aaad Aliases: CVE-2007-1355 GHSA-4c6x-gfc8-c26r	CVE-2007-1355 tomcat XSS in samples	5.5.24 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 6.0.11 Affected by 0 other vulnerabilities.
VCID-31ma-z76n-aaaa Aliases: CVE-2007-1858	CVE-2007-1858 tomcat anonymous cipher issue	5.5.17 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-3cn3-wbw7-aaaf Aliases: CVE-2005-4838	Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp. NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries.	5.5.7 Affected by 0 other vulnerabilities.
VCID-5p51-8u8j-aaaj Aliases: CVE-2007-2450 GHSA-5c5p-jxvx-x7j2	CVE-2007-2450 tomcat host manager XSS	5.5.25 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 6.0.14 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-8ev5-nn75-aaap Aliases: CVE-2007-0450 GHSA-4prh-gqw8-rgh5	CVE-2007-0450 tomcat directory traversal	5.5.22 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 6.0.10 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-8mnn-61dd-aaaj Aliases: CVE-2007-1358 GHSA-xmc9-6p56-3c4v	CVE-2007-1358 tomcat accept-language xss flaw	5.5.21 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 6.0.6 Affected by 0 other vulnerabilities.
VCID-8tsz-hrqv-aaar Aliases: CVE-2007-3385 GHSA-6j8f-66vh-39mj	CVE-2007-3385 tomcat handling of cookie values	5.5.25 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 6.0.14 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-chsg-486g-aaac Aliases: CVE-2005-2090 GHSA-f2gq-p6qv-ccw4	Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."	5.5.23 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 6.0.11 Affected by 0 other vulnerabilities.
VCID-gte7-xda1-aaas Aliases: CVE-2005-3510 GHSA-8f4w-jwqv-5cxc	Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files.	5.5.13 Affected by 0 other vulnerabilities.
VCID-jts3-sumc-aaaq Aliases: CVE-2008-0128	CVE-2008-0128 tomcat5 SSO cookie login information disclosure	5.5.21 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 6.0.9 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-npzp-axqb-aaaa Aliases: CVE-2007-2449 GHSA-hc39-rjwp-qffq	CVE-2007-2449 tomcat examples jsp XSS	5.5.25 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 6.0.14 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-qdyv-j5zf-aaaq Aliases: CVE-2007-3382 GHSA-qff8-g48j-pwpw	CVE-2007-3382 tomcat handling of cookies	5.5.25 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 6.0.14 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-ugfm-9gaz-aaab Aliases: CVE-2006-3835 GHSA-wfj7-mhr5-pcwq	CVE-2006-3835 tomcat directory listing issue	5.5.13 Affected by 0 other vulnerabilities.
VCID-zpve-n9ex-aaak Aliases: CVE-2006-7196 GHSA-pm78-wxxf-fw98	CVE-2006-7196 tomcat XSS in example webapps	5.5.16 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T13:19:38.624872+00:00	Apache Tomcat Importer	Affected by	VCID-3cn3-wbw7-aaaf	https://tomcat.apache.org/security-5.html	36.0.0
2025-03-28T13:19:38.555330+00:00	Apache Tomcat Importer	Affected by	VCID-gte7-xda1-aaas	https://tomcat.apache.org/security-5.html	36.0.0
2025-03-28T13:19:38.487386+00:00	Apache Tomcat Importer	Affected by	VCID-ugfm-9gaz-aaab	https://tomcat.apache.org/security-5.html	36.0.0
2025-03-28T13:19:38.416494+00:00	Apache Tomcat Importer	Affected by	VCID-zpve-n9ex-aaak	https://tomcat.apache.org/security-5.html	36.0.0
2025-03-28T13:19:38.343046+00:00	Apache Tomcat Importer	Affected by	VCID-31ma-z76n-aaaa	https://tomcat.apache.org/security-5.html	36.0.0
2025-03-28T13:19:38.271950+00:00	Apache Tomcat Importer	Affected by	VCID-17mt-cmdb-aaar	https://tomcat.apache.org/security-5.html	36.0.0
2025-03-28T13:19:38.149904+00:00	Apache Tomcat Importer	Affected by	VCID-jts3-sumc-aaaq	https://tomcat.apache.org/security-5.html	36.0.0
2025-03-28T13:19:38.079155+00:00	Apache Tomcat Importer	Affected by	VCID-8mnn-61dd-aaaj	https://tomcat.apache.org/security-5.html	36.0.0
2025-03-28T13:19:38.009836+00:00	Apache Tomcat Importer	Affected by	VCID-8ev5-nn75-aaap	https://tomcat.apache.org/security-5.html	36.0.0
2025-03-28T13:19:37.936661+00:00	Apache Tomcat Importer	Affected by	VCID-chsg-486g-aaac	https://tomcat.apache.org/security-5.html	36.0.0
2025-03-28T13:19:37.865149+00:00	Apache Tomcat Importer	Affected by	VCID-1bxb-dc7f-aaad	https://tomcat.apache.org/security-5.html	36.0.0
2025-03-28T13:19:37.743348+00:00	Apache Tomcat Importer	Affected by	VCID-8tsz-hrqv-aaar	https://tomcat.apache.org/security-5.html	36.0.0
2025-03-28T13:19:37.675255+00:00	Apache Tomcat Importer	Affected by	VCID-qdyv-j5zf-aaaq	https://tomcat.apache.org/security-5.html	36.0.0
2025-03-28T13:19:37.607021+00:00	Apache Tomcat Importer	Affected by	VCID-5p51-8u8j-aaaj	https://tomcat.apache.org/security-5.html	36.0.0
2025-03-28T13:19:37.537018+00:00	Apache Tomcat Importer	Affected by	VCID-npzp-axqb-aaaa	https://tomcat.apache.org/security-5.html	36.0.0
2024-09-18T08:17:48.524442+00:00	Apache Tomcat Importer	Affected by	VCID-3cn3-wbw7-aaaf	https://tomcat.apache.org/security-5.html	34.0.1
2024-09-18T08:17:48.449968+00:00	Apache Tomcat Importer	Affected by	VCID-gte7-xda1-aaas	https://tomcat.apache.org/security-5.html	34.0.1
2024-09-18T08:17:48.378509+00:00	Apache Tomcat Importer	Affected by	VCID-ugfm-9gaz-aaab	https://tomcat.apache.org/security-5.html	34.0.1
2024-09-18T08:17:48.307250+00:00	Apache Tomcat Importer	Affected by	VCID-zpve-n9ex-aaak	https://tomcat.apache.org/security-5.html	34.0.1
2024-09-18T08:17:48.238449+00:00	Apache Tomcat Importer	Affected by	VCID-31ma-z76n-aaaa	https://tomcat.apache.org/security-5.html	34.0.1
2024-09-18T08:17:48.166528+00:00	Apache Tomcat Importer	Affected by	VCID-17mt-cmdb-aaar	https://tomcat.apache.org/security-5.html	34.0.1
2024-09-18T08:17:48.047472+00:00	Apache Tomcat Importer	Affected by	VCID-jts3-sumc-aaaq	https://tomcat.apache.org/security-5.html	34.0.1
2024-09-18T08:17:47.977857+00:00	Apache Tomcat Importer	Affected by	VCID-8mnn-61dd-aaaj	https://tomcat.apache.org/security-5.html	34.0.1
2024-09-18T08:17:47.907881+00:00	Apache Tomcat Importer	Affected by	VCID-8ev5-nn75-aaap	https://tomcat.apache.org/security-5.html	34.0.1
2024-09-18T08:17:47.843401+00:00	Apache Tomcat Importer	Affected by	VCID-chsg-486g-aaac	https://tomcat.apache.org/security-5.html	34.0.1
2024-09-18T08:17:47.779156+00:00	Apache Tomcat Importer	Affected by	VCID-1bxb-dc7f-aaad	https://tomcat.apache.org/security-5.html	34.0.1
2024-09-18T08:17:47.668656+00:00	Apache Tomcat Importer	Affected by	VCID-8tsz-hrqv-aaar	https://tomcat.apache.org/security-5.html	34.0.1
2024-09-18T08:17:47.602623+00:00	Apache Tomcat Importer	Affected by	VCID-qdyv-j5zf-aaaq	https://tomcat.apache.org/security-5.html	34.0.1
2024-09-18T08:17:47.537584+00:00	Apache Tomcat Importer	Affected by	VCID-5p51-8u8j-aaaj	https://tomcat.apache.org/security-5.html	34.0.1
2024-09-18T08:17:47.468170+00:00	Apache Tomcat Importer	Affected by	VCID-npzp-axqb-aaaa	https://tomcat.apache.org/security-5.html	34.0.1
2024-01-04T02:15:51.622158+00:00	Apache Tomcat Importer	Affected by	VCID-3cn3-wbw7-aaaf	https://tomcat.apache.org/security-5.html	34.0.0rc1
2024-01-04T02:15:51.548380+00:00	Apache Tomcat Importer	Affected by	VCID-gte7-xda1-aaas	https://tomcat.apache.org/security-5.html	34.0.0rc1
2024-01-04T02:15:51.478144+00:00	Apache Tomcat Importer	Affected by	VCID-ugfm-9gaz-aaab	https://tomcat.apache.org/security-5.html	34.0.0rc1
2024-01-04T02:15:51.408487+00:00	Apache Tomcat Importer	Affected by	VCID-zpve-n9ex-aaak	https://tomcat.apache.org/security-5.html	34.0.0rc1
2024-01-04T02:15:51.339248+00:00	Apache Tomcat Importer	Affected by	VCID-31ma-z76n-aaaa	https://tomcat.apache.org/security-5.html	34.0.0rc1
2024-01-04T02:15:51.272114+00:00	Apache Tomcat Importer	Affected by	VCID-17mt-cmdb-aaar	https://tomcat.apache.org/security-5.html	34.0.0rc1
2024-01-04T02:15:51.156713+00:00	Apache Tomcat Importer	Affected by	VCID-jts3-sumc-aaaq	https://tomcat.apache.org/security-5.html	34.0.0rc1
2024-01-04T02:15:51.088593+00:00	Apache Tomcat Importer	Affected by	VCID-8mnn-61dd-aaaj	https://tomcat.apache.org/security-5.html	34.0.0rc1
2024-01-04T02:15:51.020673+00:00	Apache Tomcat Importer	Affected by	VCID-8ev5-nn75-aaap	https://tomcat.apache.org/security-5.html	34.0.0rc1
2024-01-04T02:15:50.955327+00:00	Apache Tomcat Importer	Affected by	VCID-chsg-486g-aaac	https://tomcat.apache.org/security-5.html	34.0.0rc1
2024-01-04T02:15:50.888449+00:00	Apache Tomcat Importer	Affected by	VCID-1bxb-dc7f-aaad	https://tomcat.apache.org/security-5.html	34.0.0rc1
2024-01-04T02:15:50.779016+00:00	Apache Tomcat Importer	Affected by	VCID-8tsz-hrqv-aaar	https://tomcat.apache.org/security-5.html	34.0.0rc1
2024-01-04T02:15:50.712453+00:00	Apache Tomcat Importer	Affected by	VCID-qdyv-j5zf-aaaq	https://tomcat.apache.org/security-5.html	34.0.0rc1
2024-01-04T02:15:50.640007+00:00	Apache Tomcat Importer	Affected by	VCID-5p51-8u8j-aaaj	https://tomcat.apache.org/security-5.html	34.0.0rc1
2024-01-04T02:15:50.571027+00:00	Apache Tomcat Importer	Affected by	VCID-npzp-axqb-aaaa	https://tomcat.apache.org/security-5.html	34.0.0rc1