VulnerableCode Package Details - pkg:maven/org.apache.tomcat/tomcat@3.2.3

Search for packages

Package details: pkg:maven/org.apache.tomcat/tomcat@3.2.3

Essentials
History (6)

purl	pkg:maven/org.apache.tomcat/tomcat@3.2.3
Tags	Ghost

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	10.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-8xq4-qp4b-aaah Aliases: CVE-2002-2007	The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4) test/realPath.jsp servlet, which leaks pathnames in error messages.	3.3a Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-pbjx-2a2r-aaak Aliases: CVE-2001-1563	Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.	3.2.4 Affected by 8 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T13:19:41.857290+00:00	Apache Tomcat Importer	Affected by	VCID-pbjx-2a2r-aaak	https://tomcat.apache.org/security-3.html	36.0.0
2025-03-28T13:19:41.646961+00:00	Apache Tomcat Importer	Affected by	VCID-8xq4-qp4b-aaah	https://tomcat.apache.org/security-3.html	36.0.0
2024-09-18T08:17:51.703280+00:00	Apache Tomcat Importer	Affected by	VCID-pbjx-2a2r-aaak	https://tomcat.apache.org/security-3.html	34.0.1
2024-09-18T08:17:51.497880+00:00	Apache Tomcat Importer	Affected by	VCID-8xq4-qp4b-aaah	https://tomcat.apache.org/security-3.html	34.0.1
2024-01-04T02:15:54.719350+00:00	Apache Tomcat Importer	Affected by	VCID-pbjx-2a2r-aaak	https://tomcat.apache.org/security-3.html	34.0.0rc1
2024-01-04T02:15:54.514128+00:00	Apache Tomcat Importer	Affected by	VCID-8xq4-qp4b-aaah	https://tomcat.apache.org/security-3.html	34.0.0rc1