Search for packages
Package details: pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@6.0.0
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@6.0.0
Tags Ghost
Next non-vulnerable version 8.5.99
Latest non-vulnerable version 11.0.8
Risk 4.5
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-21fj-g9yj-aaaa
Aliases:
CVE-2020-1745
GHSA-gv2w-88hx-8m9r
Information Exposure A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution.
7.0.100
Affected by 5 other vulnerabilities.
8.5.51
Affected by 22 other vulnerabilities.
9.0.31
Affected by 23 other vulnerabilities.
VCID-3spb-m822-aaab
Aliases:
CVE-2016-6794
GHSA-2rvf-329f-p99g
System Property Disclosure in Apache Tomcat
7.0.72
Affected by 24 other vulnerabilities.
8.0.37
Affected by 20 other vulnerabilities.
8.5.5
Affected by 44 other vulnerabilities.
9.0.1
Affected by 39 other vulnerabilities.
VCID-nwsx-6pj2-aaap
Aliases:
CVE-2008-1947
GHSA-f98p-9pp6-7q6c
CVE-2008-1947 Tomcat host manager xss - name field
6.0.18
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-04-10T16:18:33.731589+00:00 GitLab Importer Affected by VCID-nwsx-6pj2-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2008-1947.yml 36.0.0
2025-04-09T21:35:04.710360+00:00 GHSA Importer Affected by VCID-nwsx-6pj2-aaap https://github.com/advisories/GHSA-f98p-9pp6-7q6c 36.0.0
2024-09-17T22:40:50.352810+00:00 GitLab Importer Affected by VCID-nwsx-6pj2-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2008-1947.yml 34.0.1
2024-09-17T22:40:46.718439+00:00 GitLab Importer Affected by VCID-3spb-m822-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2016-6794.yml 34.0.1
2024-09-17T22:40:42.225379+00:00 GitLab Importer Affected by VCID-21fj-g9yj-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2020-1745.yml 34.0.1
2024-09-17T22:01:23.445677+00:00 GHSA Importer Affected by VCID-nwsx-6pj2-aaap https://github.com/advisories/GHSA-f98p-9pp6-7q6c 34.0.1
2024-04-23T17:40:10.848861+00:00 GHSA Importer Affected by VCID-nwsx-6pj2-aaap https://github.com/advisories/GHSA-f98p-9pp6-7q6c 34.0.0rc4
2024-01-09T15:41:58.269047+00:00 GitLab Importer Affected by VCID-nwsx-6pj2-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2008-1947.yml 34.0.0rc1
2024-01-08T23:56:54.423871+00:00 GHSA Importer Affected by VCID-nwsx-6pj2-aaap https://github.com/advisories/GHSA-f98p-9pp6-7q6c 34.0.0rc1
2024-01-03T18:03:10.485524+00:00 GitLab Importer Affected by VCID-3spb-m822-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2016-6794.yml 34.0.0rc1
2024-01-03T18:03:05.639065+00:00 GitLab Importer Affected by VCID-21fj-g9yj-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2020-1745.yml 34.0.0rc1