VulnerableCode Package Details - pkg:apache/tomcat@6.0.24

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-9hhz-11ph-aaan	The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.	CVE-2009-3548
VCID-kg1r-u6pn-aaak	CVE-2009-2902 tomcat: unexpected file deletion in work directory	CVE-2009-2902 GHSA-8wch-9gcg-v2pr
VCID-x2d7-89h7-aaac	Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.	CVE-2009-2693 GHSA-ggx9-4728-588r
VCID-z4zw-kc9e-aaas	CVE-2009-2901 tomcat: insecure partial deploy after failed undeploy	CVE-2009-2901 GHSA-hjfh-7c4v-7q8h

Vulnerability

Summary

Aliases

VCID-9hhz-11ph-aaan

The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.

CVE-2009-3548

VCID-kg1r-u6pn-aaak

CVE-2009-2902 tomcat: unexpected file deletion in work directory

CVE-2009-2902
GHSA-8wch-9gcg-v2pr

VCID-x2d7-89h7-aaac

Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry.

CVE-2009-2693
GHSA-ggx9-4728-588r

VCID-z4zw-kc9e-aaas

CVE-2009-2901 tomcat: insecure partial deploy after failed undeploy

CVE-2009-2901
GHSA-hjfh-7c4v-7q8h

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T13:19:34.845566+00:00	Apache Tomcat Importer	Fixing	VCID-9hhz-11ph-aaan	https://tomcat.apache.org/security-6.html	36.0.0
2025-03-28T13:19:34.791107+00:00	Apache Tomcat Importer	Fixing	VCID-kg1r-u6pn-aaak	https://tomcat.apache.org/security-6.html	36.0.0
2025-03-28T13:19:34.736431+00:00	Apache Tomcat Importer	Fixing	VCID-z4zw-kc9e-aaas	https://tomcat.apache.org/security-6.html	36.0.0
2025-03-28T13:19:34.679890+00:00	Apache Tomcat Importer	Fixing	VCID-x2d7-89h7-aaac	https://tomcat.apache.org/security-6.html	36.0.0
2024-09-18T08:17:44.842995+00:00	Apache Tomcat Importer	Fixing	VCID-9hhz-11ph-aaan	https://tomcat.apache.org/security-6.html	34.0.1
2024-09-18T08:17:44.793693+00:00	Apache Tomcat Importer	Fixing	VCID-kg1r-u6pn-aaak	https://tomcat.apache.org/security-6.html	34.0.1
2024-09-18T08:17:44.740687+00:00	Apache Tomcat Importer	Fixing	VCID-z4zw-kc9e-aaas	https://tomcat.apache.org/security-6.html	34.0.1
2024-09-18T08:17:44.683911+00:00	Apache Tomcat Importer	Fixing	VCID-x2d7-89h7-aaac	https://tomcat.apache.org/security-6.html	34.0.1
2024-01-04T02:15:47.942342+00:00	Apache Tomcat Importer	Fixing	VCID-9hhz-11ph-aaan	https://tomcat.apache.org/security-6.html	34.0.0rc1
2024-01-04T02:15:47.887803+00:00	Apache Tomcat Importer	Fixing	VCID-kg1r-u6pn-aaak	https://tomcat.apache.org/security-6.html	34.0.0rc1
2024-01-04T02:15:47.831979+00:00	Apache Tomcat Importer	Fixing	VCID-z4zw-kc9e-aaas	https://tomcat.apache.org/security-6.html	34.0.0rc1
2024-01-04T02:15:47.776665+00:00	Apache Tomcat Importer	Fixing	VCID-x2d7-89h7-aaac	https://tomcat.apache.org/security-6.html	34.0.0rc1