Search for packages
| purl | pkg:maven/org.apache.tomcat/tomcat@4.1.31 |
| Tags | Ghost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-31ma-z76n-aaaa
Aliases: CVE-2007-1858 |
CVE-2007-1858 tomcat anonymous cipher issue |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-3cn3-wbw7-aaaf
Aliases: CVE-2005-4838 |
Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp. NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-gte7-xda1-aaas
Aliases: CVE-2005-3510 GHSA-8f4w-jwqv-5cxc |
Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files. |
Affected by 1 other vulnerability. Affected by 2 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-mtv2-58p5-aaag
Aliases: CVE-2008-3271 |
CVE-2008-3271 tomcat RemoteFilterValve Information disclosure |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-ugfm-9gaz-aaab
Aliases: CVE-2006-3835 GHSA-wfj7-mhr5-pcwq |
CVE-2006-3835 tomcat directory listing issue |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-yp2p-geue-aaae
Aliases: CVE-2007-4724 GHSA-g77g-vjjm-x83j |
Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the calendar examples application in Apache Tomcat 4.1.31 allows remote attackers to add events as arbitrary users via the time and description parameters. | There are no reported fixed by versions. |
|
VCID-zpve-n9ex-aaak
Aliases: CVE-2006-7196 GHSA-pm78-wxxf-fw98 |
CVE-2006-7196 tomcat XSS in example webapps |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T13:19:40.391431+00:00 | Apache Tomcat Importer | Affected by | VCID-gte7-xda1-aaas | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:40.323317+00:00 | Apache Tomcat Importer | Affected by | VCID-3cn3-wbw7-aaaf | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:40.255502+00:00 | Apache Tomcat Importer | Affected by | VCID-ugfm-9gaz-aaab | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:40.182382+00:00 | Apache Tomcat Importer | Affected by | VCID-zpve-n9ex-aaak | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:40.112159+00:00 | Apache Tomcat Importer | Affected by | VCID-31ma-z76n-aaaa | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2025-03-28T13:19:40.059159+00:00 | Apache Tomcat Importer | Affected by | VCID-mtv2-58p5-aaag | https://tomcat.apache.org/security-4.html | 36.0.0 |
| 2024-09-18T08:17:50.267986+00:00 | Apache Tomcat Importer | Affected by | VCID-gte7-xda1-aaas | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:50.201500+00:00 | Apache Tomcat Importer | Affected by | VCID-3cn3-wbw7-aaaf | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:50.134917+00:00 | Apache Tomcat Importer | Affected by | VCID-ugfm-9gaz-aaab | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:50.066392+00:00 | Apache Tomcat Importer | Affected by | VCID-zpve-n9ex-aaak | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:49.996844+00:00 | Apache Tomcat Importer | Affected by | VCID-31ma-z76n-aaaa | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-18T08:17:49.935232+00:00 | Apache Tomcat Importer | Affected by | VCID-mtv2-58p5-aaag | https://tomcat.apache.org/security-4.html | 34.0.1 |
| 2024-09-17T22:36:33.577597+00:00 | GitLab Importer | Affected by | VCID-yp2p-geue-aaae | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2007-4724.yml | 34.0.1 |
| 2024-09-17T22:02:50.509267+00:00 | GHSA Importer | Affected by | VCID-yp2p-geue-aaae | https://github.com/advisories/GHSA-g77g-vjjm-x83j | 34.0.1 |
| 2024-01-04T02:15:53.334797+00:00 | Apache Tomcat Importer | Affected by | VCID-gte7-xda1-aaas | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:53.266124+00:00 | Apache Tomcat Importer | Affected by | VCID-3cn3-wbw7-aaaf | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:53.199048+00:00 | Apache Tomcat Importer | Affected by | VCID-ugfm-9gaz-aaab | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:53.130888+00:00 | Apache Tomcat Importer | Affected by | VCID-zpve-n9ex-aaak | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:53.063735+00:00 | Apache Tomcat Importer | Affected by | VCID-31ma-z76n-aaaa | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-04T02:15:53.016691+00:00 | Apache Tomcat Importer | Affected by | VCID-mtv2-58p5-aaag | https://tomcat.apache.org/security-4.html | 34.0.0rc1 |
| 2024-01-03T17:59:38.272394+00:00 | GitLab Importer | Affected by | VCID-yp2p-geue-aaae | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2007-4724.yml | 34.0.0rc1 |
| 2024-01-03T17:37:38.727177+00:00 | GHSA Importer | Affected by | VCID-yp2p-geue-aaae | https://github.com/advisories/GHSA-g77g-vjjm-x83j | 34.0.0rc1 |