VulnerableCode Package Details - pkg:maven/org.apache.tomcat/tomcat@4.1.34

Search for packages

Package details: pkg:maven/org.apache.tomcat/tomcat@4.1.34

Essentials
History (16)

purl	pkg:maven/org.apache.tomcat/tomcat@4.1.34
Tags	Ghost

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	10.0

Vulnerabilities affecting this package (4)

Vulnerability	Summary	Fixed by
VCID-8ev5-nn75-aaap Aliases: CVE-2007-0450 GHSA-4prh-gqw8-rgh5	CVE-2007-0450 tomcat directory traversal	4.1.36 Affected by 9 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 5.5.22 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 5.5.22, Affected by 0 other vulnerabilities. 6.0.10 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-8mnn-61dd-aaaj Aliases: CVE-2007-1358 GHSA-xmc9-6p56-3c4v	CVE-2007-1358 tomcat accept-language xss flaw	4.1.36 Affected by 9 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 5.5.21, Affected by 0 other vulnerabilities. 6.0.6 Affected by 0 other vulnerabilities.
VCID-chsg-486g-aaac Aliases: CVE-2005-2090 GHSA-f2gq-p6qv-ccw4	Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling."	4.1.36 Affected by 9 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 5.5.23, Affected by 0 other vulnerabilities. 6.0.11 Affected by 0 other vulnerabilities.
VCID-yjr6-wr65-aaab Aliases: CVE-2008-4308 GHSA-7g59-hm8v-cwmc	CVE-2008-4308 tomcat information disclosure vulnerability	4.1.35 Affected by 0 other vulnerabilities. 5.5.21 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T13:19:40.011797+00:00	Apache Tomcat Importer	Affected by	VCID-yjr6-wr65-aaab	https://tomcat.apache.org/security-4.html	36.0.0
2025-03-28T13:19:39.964043+00:00	Apache Tomcat Importer	Affected by	VCID-8mnn-61dd-aaaj	https://tomcat.apache.org/security-4.html	36.0.0
2025-03-28T13:19:39.896046+00:00	Apache Tomcat Importer	Affected by	VCID-8ev5-nn75-aaap	https://tomcat.apache.org/security-4.html	36.0.0
2025-03-28T13:19:39.827047+00:00	Apache Tomcat Importer	Affected by	VCID-chsg-486g-aaac	https://tomcat.apache.org/security-4.html	36.0.0
2024-09-18T08:17:49.882526+00:00	Apache Tomcat Importer	Affected by	VCID-yjr6-wr65-aaab	https://tomcat.apache.org/security-4.html	34.0.1
2024-09-18T08:17:49.822213+00:00	Apache Tomcat Importer	Affected by	VCID-8mnn-61dd-aaaj	https://tomcat.apache.org/security-4.html	34.0.1
2024-09-18T08:17:49.754217+00:00	Apache Tomcat Importer	Affected by	VCID-8ev5-nn75-aaap	https://tomcat.apache.org/security-4.html	34.0.1
2024-09-18T08:17:49.685177+00:00	Apache Tomcat Importer	Affected by	VCID-chsg-486g-aaac	https://tomcat.apache.org/security-4.html	34.0.1
2024-09-17T22:36:39.033554+00:00	GitLab Importer	Affected by	VCID-8mnn-61dd-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2007-1358.yml	34.0.1
2024-09-17T22:02:50.558331+00:00	GHSA Importer	Affected by	VCID-8mnn-61dd-aaaj	https://github.com/advisories/GHSA-xmc9-6p56-3c4v	34.0.1
2024-01-04T02:15:52.971312+00:00	Apache Tomcat Importer	Affected by	VCID-yjr6-wr65-aaab	https://tomcat.apache.org/security-4.html	34.0.0rc1
2024-01-04T02:15:52.922794+00:00	Apache Tomcat Importer	Affected by	VCID-8mnn-61dd-aaaj	https://tomcat.apache.org/security-4.html	34.0.0rc1
2024-01-04T02:15:52.854443+00:00	Apache Tomcat Importer	Affected by	VCID-8ev5-nn75-aaap	https://tomcat.apache.org/security-4.html	34.0.0rc1
2024-01-04T02:15:52.782194+00:00	Apache Tomcat Importer	Affected by	VCID-chsg-486g-aaac	https://tomcat.apache.org/security-4.html	34.0.0rc1
2024-01-03T17:59:43.044437+00:00	GitLab Importer	Affected by	VCID-8mnn-61dd-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2007-1358.yml	34.0.0rc1
2024-01-03T17:37:38.770105+00:00	GHSA Importer	Affected by	VCID-8mnn-61dd-aaaj	https://github.com/advisories/GHSA-xmc9-6p56-3c4v	34.0.0rc1