Search for packages
| purl | pkg:maven/org.apache.tomcat/tomcat@4.0.1 |
| Tags | Ghost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1bxb-dc7f-aaad
Aliases: CVE-2007-1355 GHSA-4c6x-gfc8-c26r |
CVE-2007-1355 tomcat XSS in samples |
Affected by 4 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-5p51-8u8j-aaaj
Aliases: CVE-2007-2450 GHSA-5c5p-jxvx-x7j2 |
CVE-2007-2450 tomcat host manager XSS |
Affected by 4 other vulnerabilities. Affected by 4 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-9nv6-j6xm-aaaj
Aliases: CVE-2002-2009 GHSA-r6cf-cr44-m8rr |
Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </, and (4) %20/, which leaks the pathname in an error message. |
Affected by 1 other vulnerability. |
|
VCID-p28h-7k6p-aaae
Aliases: CVE-2001-0917 GHSA-2w2w-cv3h-rr38 |
Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension. |
Affected by 1 other vulnerability. |
|
VCID-vyaw-vkvq-aaas
Aliases: CVE-2005-3164 GHSA-qhqv-q4xg-f6g7 |
The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an information leak when "unsuitable request body data" is used for a different request, possibly related to Java Servlet pages. |
Affected by 4 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-04-04T16:10:41.782872+00:00 | GitLab Importer | Affected by | VCID-9nv6-j6xm-aaaj | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2002-2009.yml | 36.0.0 |
| 2025-04-03T23:33:27.591965+00:00 | GHSA Importer | Affected by | VCID-9nv6-j6xm-aaaj | https://github.com/advisories/GHSA-r6cf-cr44-m8rr | 36.0.0 |
| 2025-04-03T23:33:27.533106+00:00 | GHSA Importer | Affected by | VCID-p28h-7k6p-aaae | https://github.com/advisories/GHSA-2w2w-cv3h-rr38 | 36.0.0 |
| 2025-03-28T13:19:40.959743+00:00 | Apache Tomcat Importer | Affected by | VCID-p28h-7k6p-aaae | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:40.909648+00:00 | Apache Tomcat Importer | Affected by | VCID-9nv6-j6xm-aaaj | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:39.454236+00:00 | Apache Tomcat Importer | Affected by | VCID-5p51-8u8j-aaaj | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:39.313218+00:00 | Apache Tomcat Importer | Affected by | VCID-1bxb-dc7f-aaad | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:39.241494+00:00 | Apache Tomcat Importer | Affected by | VCID-vyaw-vkvq-aaas | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2024-09-18T08:17:50.831321+00:00 | Apache Tomcat Importer | Affected by | VCID-p28h-7k6p-aaae | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:50.783535+00:00 | Apache Tomcat Importer | Affected by | VCID-9nv6-j6xm-aaaj | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:49.325075+00:00 | Apache Tomcat Importer | Affected by | VCID-5p51-8u8j-aaaj | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:49.189252+00:00 | Apache Tomcat Importer | Affected by | VCID-1bxb-dc7f-aaad | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:49.120534+00:00 | Apache Tomcat Importer | Affected by | VCID-vyaw-vkvq-aaas | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-17T22:36:41.542427+00:00 | GitLab Importer | Affected by | VCID-vyaw-vkvq-aaas | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2005-3164.yml | 34.0.1 |
| 2024-09-17T22:02:54.465674+00:00 | GHSA Importer | Affected by | VCID-vyaw-vkvq-aaas | https://github.com/advisories/GHSA-qhqv-q4xg-f6g7 | 34.0.1 |
| 2024-01-04T02:15:53.873613+00:00 | Apache Tomcat Importer | Affected by | VCID-p28h-7k6p-aaae | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:53.827253+00:00 | Apache Tomcat Importer | Affected by | VCID-9nv6-j6xm-aaaj | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:52.420798+00:00 | Apache Tomcat Importer | Affected by | VCID-5p51-8u8j-aaaj | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:52.284547+00:00 | Apache Tomcat Importer | Affected by | VCID-1bxb-dc7f-aaad | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:52.218077+00:00 | Apache Tomcat Importer | Affected by | VCID-vyaw-vkvq-aaas | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-03T17:59:45.365014+00:00 | GitLab Importer | Affected by | VCID-vyaw-vkvq-aaas | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2005-3164.yml | 34.0.0rc1 |
| 2024-01-03T17:37:42.811455+00:00 | GHSA Importer | Affected by | VCID-vyaw-vkvq-aaas | https://github.com/advisories/GHSA-qhqv-q4xg-f6g7 | 34.0.0rc1 |