Search for packages
| purl | pkg:maven/org.apache.tomcat/tomcat@7.0.0 |
| Tags | Ghost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-11gb-2qp7-aaaj
Aliases: CVE-2017-5648 GHSA-3vx3-xf6q-r5xp |
Exposure of Resource to Wrong Sphere Some calls to application listeners in Apache Tomcat did not use the appropriate facade object. When running an untrusted application under a SecurityManager, it was therefore possible for that untrusted application to retain a reference to the request or response object and thereby access and/or modify information associated with another web application. |
Affected by 28 other vulnerabilities. Affected by 16 other vulnerabilities. Affected by 53 other vulnerabilities. Affected by 49 other vulnerabilities. Affected by 52 other vulnerabilities. |
|
VCID-21dz-gxvm-aaam
Aliases: CVE-2011-3375 GHSA-rp8h-vr48-4j8p |
Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data. |
Affected by 1 other vulnerability. |
|
VCID-21fj-g9yj-aaaa
Aliases: CVE-2020-1745 GHSA-gv2w-88hx-8m9r |
Information Exposure A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution. |
Affected by 10 other vulnerabilities. Affected by 33 other vulnerabilities. Affected by 36 other vulnerabilities. |
|
VCID-259r-tjud-aaad
Aliases: CVE-2020-1935 GHSA-qxf4-chvg-4r8r |
Potential HTTP request smuggling in Apache Tomcat |
Affected by 10 other vulnerabilities. Affected by 33 other vulnerabilities. Affected by 36 other vulnerabilities. |
|
VCID-2nrx-8urf-aaaf
Aliases: CVE-2019-0221 GHSA-jjpq-gp5q-8q6w |
Cross-site scripting in Apache Tomcat |
Affected by 15 other vulnerabilities. Affected by 38 other vulnerabilities. Affected by 42 other vulnerabilities. |
|
VCID-2uwh-1pm5-aaad
Aliases: CVE-2015-5346 GHSA-jrcp-c39h-r29x |
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java. |
Affected by 0 other vulnerabilities. Affected by 43 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 26 other vulnerabilities. Affected by 1 other vulnerability. Affected by 61 other vulnerabilities. |
|
VCID-2vk8-jkgn-aaap
Aliases: CVE-2019-0232 GHSA-8vmx-qmch-mpqg |
High severity vulnerability that affects org.apache.tomcat.embed:tomcat-embed-core |
Affected by 15 other vulnerabilities. Affected by 38 other vulnerabilities. Affected by 42 other vulnerabilities. |
|
VCID-2xpy-bz6f-aaak
Aliases: CVE-2020-1938 GHSA-c9hw-wf7x-jp9j |
Improper Privilege Management in Tomcat |
Affected by 10 other vulnerabilities. Affected by 33 other vulnerabilities. Affected by 36 other vulnerabilities. |
|
VCID-3k3s-uk1p-aaag
Aliases: CVE-2013-4590 GHSA-87w9-x2c3-hrjj |
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. |
Affected by 53 other vulnerabilities. Affected by 18 other vulnerabilities. |
|
VCID-3kmg-uhrj-aaaq
Aliases: CVE-2016-6797 GHSA-q6x7-f33r-3wxx |
The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not. |
Affected by 32 other vulnerabilities. Affected by 20 other vulnerabilities. Affected by 56 other vulnerabilities. Affected by 57 other vulnerabilities. |
|
VCID-3mpp-yjss-aaad
Aliases: CVE-2012-5886 GHSA-9xrj-439h-62hg |
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID. |
Affected by 0 other vulnerabilities. |
|
VCID-3spb-m822-aaab
Aliases: CVE-2016-6794 GHSA-2rvf-329f-p99g |
System Property Disclosure in Apache Tomcat |
Affected by 32 other vulnerabilities. Affected by 20 other vulnerabilities. Affected by 56 other vulnerabilities. Affected by 57 other vulnerabilities. |
|
VCID-3vzq-2cx8-aaab
Aliases: CVE-2014-0099 GHSA-xh5x-j8jf-pcpx |
Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header. |
Affected by 51 other vulnerabilities. Affected by 48 other vulnerabilities. Affected by 39 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 36 other vulnerabilities. |
|
VCID-48zq-qere-aaas
Aliases: CVE-2011-3376 |
org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application's functionality. |
Affected by 1 other vulnerability. |
|
VCID-49pd-2mxh-aaaq
Aliases: CVE-2011-3190 GHSA-c38m-v4m2-524v |
Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and possibly other versions allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request. |
Affected by 2 other vulnerabilities. |
|
VCID-4qt5-mdpt-aaas
Aliases: CVE-2017-12615 GHSA-pjfr-qf3p-3q25 |
When running Apache Tomcat on Windows with HTTP PUTs enabled it was possible to upload a JSP file to the server |
Affected by 24 other vulnerabilities. |
|
VCID-55ga-282t-aaah
Aliases: CVE-2009-3555 GHSA-f7w7-6pjc-wwm6 VC-OPENSSL-20091105-CVE-2009-3555 VU#120541 |
The renegotiation vulnerability in SSL protocol |
Affected by 1 other vulnerability. |
|
VCID-5j2e-wm7n-aaah
Aliases: CVE-2013-2067 GHSA-6m48-jxwx-76q7 |
java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack. |
Affected by 0 other vulnerabilities. |
|
VCID-5wj3-qn6v-aaab
Aliases: CVE-2014-0230 GHSA-pxcx-cxq8-4mmw |
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts. |
Affected by 46 other vulnerabilities. Affected by 34 other vulnerabilities. |
|
VCID-691b-gvyr-aaaj
Aliases: CVE-2014-0096 GHSA-qprx-q2r7-3rx6 |
java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. |
Affected by 51 other vulnerabilities. Affected by 48 other vulnerabilities. Affected by 39 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 36 other vulnerabilities. |
|
VCID-6zmg-trun-aaac
Aliases: CVE-2021-30640 GHSA-36qh-35cm-5w2w |
Authentication Bypass by Alternate Name in Apache Tomcat |
Affected by 5 other vulnerabilities. Affected by 22 other vulnerabilities. Affected by 21 other vulnerabilities. Affected by 25 other vulnerabilities. Affected by 24 other vulnerabilities. Affected by 12 other vulnerabilities. Affected by 11 other vulnerabilities. |
|
VCID-7jzs-4ayu-aaar
Aliases: CVE-2016-0763 GHSA-9hjv-9h75-xmpp |
The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, which allows remote authenticated users to bypass intended SecurityManager restrictions and read or write to arbitrary application data, or cause a denial of service (application disruption), via a web application that sets a crafted global context. |
Affected by 39 other vulnerabilities. Affected by 26 other vulnerabilities. Affected by 61 other vulnerabilities. |
|
VCID-7r1z-a7qf-aaas
Aliases: CVE-2011-0534 GHSA-43v2-6grp-9pp9 |
CVE-2011-0534 tomcat: remote DoS via NIO connector |
Affected by 0 other vulnerabilities. |
|
VCID-8dap-q8t4-aaar
Aliases: CVE-2011-2204 GHSA-c57p-3v2g-w9rg |
Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file. |
Affected by 1 other vulnerability. |
|
VCID-8ff2-1h4t-aaaa
Aliases: CVE-2016-0706 GHSA-6vx3-hr43-cfrh |
Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catalina/core/RestrictedServlets.properties list, which allows remote authenticated users to bypass intended SecurityManager restrictions and read arbitrary HTTP requests, and consequently discover session ID values, via a crafted web application. |
Affected by 39 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 26 other vulnerabilities. Affected by 1 other vulnerability. Affected by 61 other vulnerabilities. |
|
VCID-8q8z-vr8j-aaar
Aliases: CVE-2010-4476 GHSA-gvgc-rxmh-5hvw |
CVE-2010-4476 JDK Double.parseDouble Denial-Of-Service |
Affected by 0 other vulnerabilities. |
|
VCID-8qf1-1syh-aaap
Aliases: CVE-2019-12418 GHSA-hh3j-x4mc-g48r |
Insufficiently Protected Credentials in Apache Tomcat |
Affected by 14 other vulnerabilities. Affected by 37 other vulnerabilities. Affected by 40 other vulnerabilities. |
|
VCID-8v49-a9mz-aaap
Aliases: CVE-2012-5887 GHSA-28cq-6rmx-pjq4 |
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests. |
Affected by 0 other vulnerabilities. |
|
VCID-9pu2-we8w-aaar
Aliases: CVE-2018-1305 GHSA-jx6h-3fjx-cgv5 |
Moderate severity vulnerability that affects org.apache.tomcat.embed:tomcat-embed-core |
Affected by 21 other vulnerabilities. Affected by 12 other vulnerabilities. Affected by 45 other vulnerabilities. Affected by 48 other vulnerabilities. |
|
VCID-a8pg-33b2-aaap
Aliases: CVE-2011-1475 GHSA-h6c8-rg87-f3pc |
CVE-2011-1475 tomcat: Information disclosure due improper handling of HTTP pipelining |
Affected by 1 other vulnerability. |
|
VCID-ag6j-eqm7-aaam
Aliases: CVE-2010-2227 GHSA-cxg2-49rq-8gcr |
CVE-2010-2227 tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header |
Affected by 0 other vulnerabilities. |
|
VCID-ah95-hj74-aaaq
Aliases: CVE-2017-12617 GHSA-xjgh-84hx-56c5 |
Unrestricted Upload of File with Dangerous Type When running Apache Tomcat with HTTP PUTs enabled it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server. |
Affected by 23 other vulnerabilities. Affected by 13 other vulnerabilities. Affected by 46 other vulnerabilities. Affected by 50 other vulnerabilities. |
|
VCID-akem-ybu8-aaab
Aliases: CVE-2021-25329 GHSA-jgwr-3qm3-26f3 |
Potential remote code execution in Apache Tomcat |
Affected by 6 other vulnerabilities. Affected by 25 other vulnerabilities. Affected by 28 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-bwx4-6bsd-aaaf
Aliases: CVE-2016-0762 GHSA-wxcp-f2c8-x6xv |
Information Exposure Through Timing Discrepancy The Realm implementations in Apache Tomcat does not process the supplied password if the supplied user name did not exist which makes it possible to use a timing attack to determine valid user names. |
Affected by 32 other vulnerabilities. Affected by 20 other vulnerabilities. Affected by 56 other vulnerabilities. Affected by 57 other vulnerabilities. |
|
VCID-c5ge-w5qj-aaam
Aliases: CVE-2015-5174 GHSA-6qr6-x7jm-x2q6 |
Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call, as demonstrated by the $CATALINA_BASE/webapps directory. |
Affected by 44 other vulnerabilities. Affected by 32 other vulnerabilities. |
|
VCID-cnyr-2n1f-aaar
Aliases: CVE-2014-0119 GHSA-prc3-7f44-w48j |
Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application. |
Affected by 48 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 36 other vulnerabilities. |
|
VCID-cqws-wvr3-aaaf
Aliases: CVE-2011-1088 GHSA-mg4v-rf8p-ghqq |
CVE-2011-1088 CVE-2011-1183 CVE-2011-1419 CVE-2011-1582 tomcat: various flaws due not following ServletSecurity annotations |
Affected by 3 other vulnerabilities. |
|
VCID-cxzy-t2vt-aaar
Aliases: CVE-2014-7810 GHSA-4c43-cwvx-9crh |
The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation. |
Affected by 0 other vulnerabilities. Affected by 45 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 33 other vulnerabilities. |
|
VCID-d82s-fpes-aaar
Aliases: CVE-2018-1304 GHSA-6rxj-58jh-436r |
Moderate severity vulnerability that affects org.apache.tomcat.embed:tomcat-embed-core |
Affected by 21 other vulnerabilities. Affected by 12 other vulnerabilities. Affected by 45 other vulnerabilities. Affected by 48 other vulnerabilities. |
|
VCID-dchn-3cf1-aaag
Aliases: CVE-2011-5062 GHSA-4f7h-9j2x-cmr4 |
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check qop values, which might allow remote attackers to bypass intended integrity-protection requirements via a qop=auth value, a different vulnerability than CVE-2011-1184. |
Affected by 1 other vulnerability. |
|
VCID-en12-rf3h-aaah
Aliases: CVE-2015-5345 GHSA-rh8q-vjgf-gf74 |
The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing / (slash) character. |
Affected by 39 other vulnerabilities. Affected by 31 other vulnerabilities. Affected by 1 other vulnerability. Affected by 61 other vulnerabilities. |
|
VCID-fabx-arrc-aaac
Aliases: CVE-2011-5064 GHSA-6cr4-7c7p-p3xv |
DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret (aka private key), which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging knowledge of this string, a different vulnerability than CVE-2011-1184. |
Affected by 1 other vulnerability. |
|
VCID-frgh-n7zt-aaar
Aliases: CVE-2013-4322 GHSA-wq2p-q66w-q8gp |
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544. |
Affected by 53 other vulnerabilities. Affected by 18 other vulnerabilities. |
|
VCID-fydf-hed2-aaas
Aliases: CVE-2011-1184 GHSA-q9xf-jwr4-v445 |
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, related to lack of checking of nonce (aka server nonce) and nc (aka nonce-count or client nonce count) values. |
Affected by 1 other vulnerability. |
|
VCID-g536-cvsh-aaam
Aliases: CVE-2011-2526 GHSA-9ggm-7897-x4mg |
Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service (infinite loop or JVM crash) by leveraging an untrusted web application. |
Affected by 1 other vulnerability. |
|
VCID-gyt6-3ggt-aaaj
Aliases: CVE-2010-3718 GHSA-fj6c-prgj-gr3r |
CVE-2010-3718 tomcat: file permission bypass flaw |
Affected by 1 other vulnerability. |
|
VCID-h293-dh24-aaar
Aliases: CVE-2013-2071 GHSA-3p5r-7cw3-2m67 |
java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other applications in opportunistic circumstances via an application that records the requests that it processes. |
Affected by 54 other vulnerabilities. |
|
VCID-h97e-vw19-aaap
Aliases: CVE-2012-2733 |
java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data. |
Affected by 1 other vulnerability. |
|
VCID-hfvf-t5zf-aaaf
Aliases: CVE-2012-0022 GHSA-8h2q-qm9x-55jc |
Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858. |
Affected by 1 other vulnerability. |
|
VCID-hkqr-snht-aaan
Aliases: CVE-2010-4172 GHSA-c78g-qwpw-2jgv |
CVE-2010-4172 tomcat: cross-site-scripting vulnerability in the manager application |
Affected by 2 other vulnerabilities. |
|
VCID-jqdk-mw8x-aaae
Aliases: CVE-2019-17563 GHSA-9xcj-c8cr-8c3c |
In Apache Tomcat, when using FORM authentication there was a narrow window where an attacker could perform a session fixation attack |
Affected by 14 other vulnerabilities. Affected by 37 other vulnerabilities. Affected by 40 other vulnerabilities. |
|
VCID-kcaf-94vh-aaag
Aliases: CVE-2012-5885 GHSA-99rf-92v6-cwx4 |
The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184. |
Affected by 0 other vulnerabilities. |
|
VCID-m8ve-za8b-aaap
Aliases: CVE-2017-12616 GHSA-8qq4-8jvq-mfw4 |
Information Exposure When using a `VirtualDirContext` with Apache Tomcat it is possible to bypass security constraints and/or view the source code of JSPs for resources served by the `VirtualDirContext` using a specially crafted request. |
Affected by 24 other vulnerabilities. |
|
VCID-me4d-ruah-aaam
Aliases: CVE-2011-2481 GHSA-r7c8-hghc-2mp8 |
Apache Tomcat 7.0.x before 7.0.17 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application. NOTE: this vulnerability exists because of a CVE-2009-0783 regression. |
Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-mmcg-y2kn-aaab
Aliases: CVE-2013-4286 GHSA-j448-j653-r3vj |
Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header. NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090. |
Affected by 55 other vulnerabilities. Affected by 20 other vulnerabilities. |
|
VCID-msaf-115m-aaaq
Aliases: CVE-2016-6796 GHSA-3mjp-p938-4329 |
A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet. |
Affected by 0 other vulnerabilities. Affected by 32 other vulnerabilities. Affected by 20 other vulnerabilities. Affected by 56 other vulnerabilities. Affected by 57 other vulnerabilities. |
|
VCID-nm9b-h95h-aaaa
Aliases: CVE-2020-9484 GHSA-344f-f5vg-2jfj |
Potential remote code execution in Apache Tomcat |
Affected by 10 other vulnerabilities. Affected by 6 other vulnerabilities. Affected by 33 other vulnerabilities. Affected by 25 other vulnerabilities. Affected by 35 other vulnerabilities. Affected by 28 other vulnerabilities. Affected by 21 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-ntxm-uwj5-aaae
Aliases: CVE-2012-4431 GHSA-76vr-72mv-mf3q |
org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier. |
Affected by 1 other vulnerability. |
|
VCID-nzw2-xx64-aaaq
Aliases: CVE-2011-5063 GHSA-hffm-fqv4-w27r |
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weaker authentication or authorization requirements, a different vulnerability than CVE-2011-1184. |
Affected by 1 other vulnerability. |
|
VCID-p378-4jg4-aaam
Aliases: CVE-2016-8745 GHSA-w3j5-q8f2-3cqq |
Information Exposure A bug in the error handling of the NIO HTTP connector in Apache Tomcat resulted in the current Processor object being added to the Processor cache multiple times. This in turn meant that the same Processor could be used for concurrent requests. Sharing a Processor can result in information leakage. |
Affected by 29 other vulnerabilities. Affected by 17 other vulnerabilities. Affected by 54 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 54 other vulnerabilities. |
|
VCID-q1t4-rzf5-aaac
Aliases: CVE-2016-6816 GHSA-jc7p-5r39-9477 |
The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own. |
Affected by 30 other vulnerabilities. Affected by 18 other vulnerabilities. Affected by 55 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 55 other vulnerabilities. |
|
VCID-qcms-zybq-aaap
Aliases: CVE-2014-0050 GHSA-xx68-jfcg-xmmf |
High severity vulnerability that affects commons-fileupload:commons-fileupload |
Affected by 52 other vulnerabilities. Affected by 41 other vulnerabilities. |
|
VCID-qmjs-369r-aaar
Aliases: CVE-2016-3092 GHSA-fvm3-cfvj-gxqq |
High severity vulnerability that affects commons-fileupload:commons-fileupload |
Affected by 37 other vulnerabilities. Affected by 25 other vulnerabilities. Affected by 60 other vulnerabilities. Affected by 61 other vulnerabilities. |
|
VCID-rd75-u224-aaaj
Aliases: CVE-2012-3546 GHSA-jgm2-m5cg-f66g |
org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when FORM authentication is used, allows remote attackers to bypass security-constraint checks by leveraging a previous setUserPrincipal call and then placing /j_security_check at the end of a URI. |
Affected by 0 other vulnerabilities. |
|
VCID-rhcq-wuxw-aaad
Aliases: CVE-2011-4858 GHSA-wr3m-gw98-mc3j |
Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. |
Affected by 1 other vulnerability. |
|
VCID-sc5t-244h-aaas
Aliases: CVE-2016-8735 GHSA-cw54-59pw-4g8c |
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types. |
Affected by 30 other vulnerabilities. Affected by 18 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 55 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 55 other vulnerabilities. |
|
VCID-se2g-2qje-aaab
Aliases: CVE-2012-4534 |
org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response. |
Affected by 1 other vulnerability. |
|
VCID-szah-tgau-aaad
Aliases: CVE-2016-5018 GHSA-4v3g-g84w-hv7r |
Improper Access Control In Apache Tomcat, a malicious web application was able to bypass a configured `SecurityManager` via a Tomcat utility method that was accessible to web applications. |
Affected by 32 other vulnerabilities. Affected by 20 other vulnerabilities. Affected by 56 other vulnerabilities. Affected by 57 other vulnerabilities. |
|
VCID-tyd3-vqd2-aaap
Aliases: CVE-2013-4444 GHSA-h6c8-x5r3-pm88 |
Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file. |
Affected by 54 other vulnerabilities. |
|
VCID-u3ks-rt2w-aaaf
Aliases: CVE-2014-0075 GHSA-475f-74wp-pqv5 |
Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data. |
Affected by 51 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 39 other vulnerabilities. |
|
VCID-ua97-8gn8-aaaq
Aliases: CVE-2012-3439 |
CVE-2012-3439 Rejected: CVE-2012-3439 |
Affected by 0 other vulnerabilities. |
|
VCID-uuww-g5z6-aaad
Aliases: CVE-2011-2729 |
native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 through 5.5.33, 6.0.30 through 6.0.32, and 7.0.x before 7.0.20 on Linux, does not drop capabilities, which allows remote attackers to bypass read permissions for files via a request to an application. |
Affected by 1 other vulnerability. |
|
VCID-vpst-xrsb-aaab
Aliases: CVE-2012-3544 GHSA-qfxv-3ppc-7qg5 |
Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data. |
Affected by 0 other vulnerabilities. |
|
VCID-w4d3-t13k-aaab
Aliases: CVE-2021-24122 GHSA-2rvv-w9r2-rg7m |
Information Disclosure in Apache Tomcat |
Affected by 8 other vulnerabilities. Affected by 28 other vulnerabilities. Affected by 31 other vulnerabilities. Affected by 15 other vulnerabilities. |
|
VCID-w4q7-4d2t-aaan
Aliases: CVE-2017-5647 GHSA-3gv7-3h64-78cm |
Information Exposure When "send file" is used, results in the pipelined request being lost when send file processing of the previous request completed. This could result in responses appearing to be sent for the wrong request. For example, a user agent that sent requests A, B and C could see the correct response for request A, the response for request C for request B and no response for request C. |
Affected by 27 other vulnerabilities. Affected by 16 other vulnerabilities. Affected by 15 other vulnerabilities. Affected by 49 other vulnerabilities. Affected by 49 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-w4v5-xn5g-aaag
Aliases: CVE-2011-0013 GHSA-3p86-xgrq-m6p6 |
CVE-2011-0013 tomcat: XSS vulnerability in HTML Manager interface |
Affected by 1 other vulnerability. |
|
VCID-y7g9-rfw9-aaaa
Aliases: CVE-2014-0227 GHSA-42j3-498q-m6vp |
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks or cause a denial of service (resource consumption) by streaming data with malformed chunked transfer coding. |
Affected by 46 other vulnerabilities. Affected by 34 other vulnerabilities. |
|
VCID-yv8m-r56n-aaan
Aliases: CVE-2017-5664 GHSA-jmvv-524f-hj5j |
Improper Handling of Exceptional Conditions The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. The Default Servlet in Apache Tomcat does not do this. Depending on the original request this could lead to unexpected and undesirable results for static error pages including, if the DefaultServlet is configured to permit writes, the replacement or removal of the custom error page. Notes for other user provided error pages: (1) Unless explicitly coded otherwise, JSPs ignore the HTTP method. JSPs used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method. (2) By default, the response generated by a Servlet does depend on the HTTP method. Custom Servlets used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method. |
Affected by 26 other vulnerabilities. Affected by 14 other vulnerabilities. Affected by 48 other vulnerabilities. Affected by 48 other vulnerabilities. |
|
VCID-zwru-xv8h-aaae
Aliases: CVE-2016-0714 GHSA-mv42-px54-87jw |
The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary code in a privileged context via a web application that places a crafted object in a session. |
Affected by 39 other vulnerabilities. Affected by 37 other vulnerabilities. Affected by 26 other vulnerabilities. Affected by 1 other vulnerability. Affected by 61 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||