VulnerableCode Package Details - pkg:apache/tomcat@8.0.52

Search for packages

Vulnerability	Summary	Fixed by
VCID-7c2n-n9ga-aaar Aliases: CVE-2018-8034 GHSA-46j3-r4pj-4835	The host name verification missing in Apache Tomcat	8.0.53 Affected by 0 other vulnerabilities. 8.5.32 Affected by 32 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 9.0.10 Affected by 32 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-cp4z-y57s-aaah Aliases: CVE-2018-8014 GHSA-r4x2-3cq5-hqvp	The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials' for all origins	8.0.53 Affected by 0 other vulnerabilities. 8.5.32 Affected by 32 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 9.0.9 Affected by 34 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-7c2n-n9ga-aaar
Aliases:
CVE-2018-8034
GHSA-46j3-r4pj-4835

The host name verification missing in Apache Tomcat

8.0.53
Affected by 0 other vulnerabilities.

8.5.32
Affected by 32 other vulnerabilities.

9.0.10
Affected by 32 other vulnerabilities.

VCID-cp4z-y57s-aaah
Aliases:
CVE-2018-8014
GHSA-r4x2-3cq5-hqvp

The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials' for all origins

8.0.53
Affected by 0 other vulnerabilities.

8.5.32
Affected by 32 other vulnerabilities.

9.0.9
Affected by 34 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-b2z1-15m4-aaac	In Apache Tomcat there is an improper handing of overflow in the UTF-8 decoder	CVE-2018-1336 GHSA-m59c-jpc8-m2x4

Vulnerability

Summary

Aliases

VCID-b2z1-15m4-aaac

In Apache Tomcat there is an improper handing of overflow in the UTF-8 decoder

CVE-2018-1336
GHSA-m59c-jpc8-m2x4

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T13:19:23.924680+00:00	Apache Tomcat Importer	Fixing	VCID-b2z1-15m4-aaac	https://tomcat.apache.org/security-8.html	36.0.0
2025-03-28T13:19:23.673148+00:00	Apache Tomcat Importer	Affected by	VCID-cp4z-y57s-aaah	https://tomcat.apache.org/security-8.html	36.0.0
2025-03-28T13:19:23.613862+00:00	Apache Tomcat Importer	Affected by	VCID-7c2n-n9ga-aaar	https://tomcat.apache.org/security-8.html	36.0.0
2024-09-18T08:17:34.378800+00:00	Apache Tomcat Importer	Fixing	VCID-b2z1-15m4-aaac	https://tomcat.apache.org/security-8.html	34.0.1
2024-09-18T08:17:34.164591+00:00	Apache Tomcat Importer	Affected by	VCID-cp4z-y57s-aaah	https://tomcat.apache.org/security-8.html	34.0.1
2024-09-18T08:17:34.115310+00:00	Apache Tomcat Importer	Affected by	VCID-7c2n-n9ga-aaar	https://tomcat.apache.org/security-8.html	34.0.1
2024-01-04T02:15:38.026716+00:00	Apache Tomcat Importer	Fixing	VCID-b2z1-15m4-aaac	https://tomcat.apache.org/security-8.html	34.0.0rc1
2024-01-04T02:15:37.819856+00:00	Apache Tomcat Importer	Affected by	VCID-cp4z-y57s-aaah	https://tomcat.apache.org/security-8.html	34.0.0rc1
2024-01-04T02:15:37.772662+00:00	Apache Tomcat Importer	Affected by	VCID-7c2n-n9ga-aaar	https://tomcat.apache.org/security-8.html	34.0.0rc1