Search for packages
Package details: pkg:maven/org.apache.tomcat/tomcat-catalina-jmx-remote@7.0.70
purl pkg:maven/org.apache.tomcat/tomcat-catalina-jmx-remote@7.0.70
Next non-vulnerable version 7.0.73
Latest non-vulnerable version 9.0.0.M13
Risk 10.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-sc5t-244h-aaas
Aliases:
CVE-2016-8735
GHSA-cw54-59pw-4g8c
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types.
7.0.73
Affected by 0 other vulnerabilities.
8.0.39
Affected by 0 other vulnerabilities.
8.5.7
Affected by 0 other vulnerabilities.
8.5.8
Affected by 0 other vulnerabilities.
9.0.0.M12
Affected by 0 other vulnerabilities.
9.0.0.M13
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T15:40:38.711293+00:00 GitLab Importer Affected by VCID-sc5t-244h-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-catalina-jmx-remote/CVE-2016-8735.yml 36.1.3
2025-06-03T22:20:55.436111+00:00 GitLab Importer Affected by VCID-sc5t-244h-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-catalina-jmx-remote/CVE-2016-8735.yml 36.1.0
2025-06-02T22:09:45.644908+00:00 GitLab Importer Affected by VCID-sc5t-244h-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-catalina-jmx-remote/CVE-2016-8735.yml 36.1.2
2025-04-03T19:37:54.148737+00:00 GitLab Importer Affected by VCID-sc5t-244h-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-catalina-jmx-remote/CVE-2016-8735.yml 36.0.0
2025-02-18T01:37:58.450735+00:00 GitLab Importer Affected by VCID-sc5t-244h-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-catalina-jmx-remote/CVE-2016-8735.yml 35.1.0
2024-11-20T23:53:36.744709+00:00 GitLab Importer Affected by VCID-sc5t-244h-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-catalina-jmx-remote/CVE-2016-8735.yml 35.0.0
2024-11-18T23:42:09.294745+00:00 GitLab Importer Affected by VCID-sc5t-244h-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-catalina-jmx-remote/CVE-2016-8735.yml 34.3.2
2024-10-17T04:08:04.523675+00:00 GitLab Importer Affected by VCID-sc5t-244h-aaas https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-catalina-jmx-remote/CVE-2016-8735.yml 34.0.2
2024-10-07T17:11:23.915449+00:00 GHSA Importer Affected by VCID-sc5t-244h-aaas https://github.com/advisories/GHSA-cw54-59pw-4g8c 34.0.2
2024-09-22T17:35:19.837284+00:00 GHSA Importer Affected by VCID-sc5t-244h-aaas https://github.com/advisories/GHSA-cw54-59pw-4g8c 34.0.1
2024-05-17T14:00:41.612782+00:00 GHSA Importer Affected by VCID-sc5t-244h-aaas https://github.com/advisories/GHSA-cw54-59pw-4g8c 34.0.0rc4