Search for packages
Package details: pkg:maven/org.apache.tomcat/tomcat@4.0.5
purl pkg:maven/org.apache.tomcat/tomcat@4.0.5
Tags Ghost
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 10.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-29jw-3gsy-aaad
Aliases:
CVE-2002-0682
Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script in a URL with the /servlet/ mapping, which does not filter the script when an exception is thrown by the servlet.
4.1.13,
Affected by 0 other vulnerabilities.
VCID-3wz7-8vt8-aaam
Aliases:
CVE-2002-1394
GHSA-8v5p-2cpv-c2x6
Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.
4.0.6
Affected by 16 other vulnerabilities.
4.1.13,
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-03-28T13:19:40.569687+00:00 Apache Tomcat Importer Affected by VCID-29jw-3gsy-aaad https://tomcat.apache.org/security-4.html 36.0.0
2025-03-28T13:19:40.498664+00:00 Apache Tomcat Importer Affected by VCID-3wz7-8vt8-aaam https://tomcat.apache.org/security-4.html 36.0.0
2024-10-15T18:00:11.762813+00:00 GithubOSV Importer Fixing VCID-ncxu-ua7h-aaab https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-jxcv-v856-j5vg/GHSA-jxcv-v856-j5vg.json 34.0.2
2024-09-18T09:06:19.004460+00:00 GithubOSV Importer Fixing VCID-ncxu-ua7h-aaab https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-jxcv-v856-j5vg/GHSA-jxcv-v856-j5vg.json 34.0.1
2024-09-18T08:17:50.444875+00:00 Apache Tomcat Importer Affected by VCID-29jw-3gsy-aaad https://tomcat.apache.org/security-4.html 34.0.1
2024-09-18T08:17:50.376261+00:00 Apache Tomcat Importer Affected by VCID-3wz7-8vt8-aaam https://tomcat.apache.org/security-4.html 34.0.1
2024-09-17T22:36:47.837385+00:00 GitLab Importer Affected by VCID-3wz7-8vt8-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2002-1394.yml 34.0.1
2024-09-17T22:36:30.638796+00:00 GitLab Importer Fixing VCID-ncxu-ua7h-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2002-1148.yml 34.0.1
2024-09-17T22:01:07.917527+00:00 GHSA Importer Fixing VCID-ncxu-ua7h-aaab https://github.com/advisories/GHSA-jxcv-v856-j5vg 34.0.1
2024-09-17T22:01:07.809417+00:00 GHSA Importer Affected by VCID-3wz7-8vt8-aaam https://github.com/advisories/GHSA-8v5p-2cpv-c2x6 34.0.1
2024-04-23T23:02:32.354561+00:00 GithubOSV Importer Fixing VCID-ncxu-ua7h-aaab https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-jxcv-v856-j5vg/GHSA-jxcv-v856-j5vg.json 34.0.0rc4
2024-02-14T15:18:38.724450+00:00 GitLab Importer Affected by VCID-3wz7-8vt8-aaam https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2002-1394.yml 34.0.0rc2
2024-02-14T15:18:38.363329+00:00 GitLab Importer Fixing VCID-ncxu-ua7h-aaab https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2002-1148.yml 34.0.0rc2
2024-02-12T20:16:44.580197+00:00 GHSA Importer Fixing VCID-ncxu-ua7h-aaab https://github.com/advisories/GHSA-jxcv-v856-j5vg 34.0.0rc2
2024-02-12T20:16:44.457496+00:00 GHSA Importer Affected by VCID-3wz7-8vt8-aaam https://github.com/advisories/GHSA-8v5p-2cpv-c2x6 34.0.0rc2
2024-01-04T02:15:53.505640+00:00 Apache Tomcat Importer Affected by VCID-29jw-3gsy-aaad https://tomcat.apache.org/security-4.html 34.0.0rc1
2024-01-04T02:15:53.437520+00:00 Apache Tomcat Importer Affected by VCID-3wz7-8vt8-aaam https://tomcat.apache.org/security-4.html 34.0.0rc1