Search for packages
Package details: pkg:maven/org.apache.tomcat/tomcat@8.0.0-RC1
purl pkg:maven/org.apache.tomcat/tomcat@8.0.0-RC1
Next non-vulnerable version 9.0.83
Latest non-vulnerable version 11.0.10
Risk 10.0
Vulnerabilities affecting this package (15)
Vulnerability Summary Fixed by
VCID-4zq3-fzqy-7uae
Aliases:
CVE-2013-4322
GHSA-wq2p-q66w-q8gp
8.0.0-RC10
Affected by 3 other vulnerabilities.
VCID-97sa-54jq-a3fc
Aliases:
CVE-2014-0075
GHSA-475f-74wp-pqv5
8.0.4
Affected by 0 other vulnerabilities.
8.0.5
Affected by 30 other vulnerabilities.
VCID-d2t2-fsbm-n3hw
Aliases:
CVE-2014-0227
GHSA-42j3-498q-m6vp
8.0.9
Affected by 25 other vulnerabilities.
VCID-fm4m-zurr-hyht
Aliases:
CVE-2014-7810
GHSA-4c43-cwvx-9crh
8.0.16
Affected by 0 other vulnerabilities.
8.0.17
Affected by 24 other vulnerabilities.
VCID-gb8p-hr5j-yqav
Aliases:
CVE-2014-0050
GHSA-xx68-jfcg-xmmf
8.0.3
Affected by 32 other vulnerabilities.
VCID-j52h-jxrq-43g1
Aliases:
CVE-2016-6816
GHSA-jc7p-5r39-9477
8.0.39
Affected by 12 other vulnerabilities.
8.5.8
Affected by 36 other vulnerabilities.
9.0.0.M12
Affected by 0 other vulnerabilities.
9.0.0.M13
Affected by 14 other vulnerabilities.
VCID-jqmj-axjq-w7hh
Aliases:
CVE-2013-4590
GHSA-87w9-x2c3-hrjj
8.0.0-RC10
Affected by 3 other vulnerabilities.
VCID-kcvp-2brm-p7f2
Aliases:
CVE-2015-5174
GHSA-6qr6-x7jm-x2q6
8.0.27
Affected by 23 other vulnerabilities.
VCID-pfpw-9ha8-j7b6
Aliases:
CVE-2014-0096
GHSA-qprx-q2r7-3rx6
8.0.5
Affected by 30 other vulnerabilities.
8.0.6
Affected by 0 other vulnerabilities.
8.0.8
Affected by 27 other vulnerabilities.
VCID-ps1f-p4ds-zbgc
Aliases:
CVE-2020-8022
GHSA-gc58-v8h3-x2gr
Incorrect Default Permissions in Apache Tomcat ### Withdrawn As per https://lists.apache.org/thread/0z644xfjo49pn2oxcp9qslkvhhw4tb7q this issue only affects the SUSE built artifacts of tomcat and is not relevant for the artifacts on maven central. ### Original Advisory A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8 allows local attackers to escalate from group tomcat to root. This issue affects: SUSE Enterprise Storage 5 tomcat versions prior to 80.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP4 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 12-SP5 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 15-LTSS tomcat versions prior to 9.0.35-3.57.3. SUSE Linux Enterprise Server for SAP 12-SP2 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 12-SP3 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 15 tomcat versions prior to 9.0.35-3.57.3. SUSE OpenStack Cloud 7 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud 8 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud Crowbar 8 tomcat versions prior to 8.0.53-29.32.1.
8.0.53
Affected by 2 other vulnerabilities.
9.0.35
Affected by 13 other vulnerabilities.
VCID-psd6-q4ht-bub7
Aliases:
CVE-2014-0119
GHSA-prc3-7f44-w48j
8.0.6
Affected by 0 other vulnerabilities.
8.0.8
Affected by 27 other vulnerabilities.
VCID-rr6w-9ux1-yba6
Aliases:
CVE-2014-0099
GHSA-xh5x-j8jf-pcpx
8.0.5
Affected by 30 other vulnerabilities.
8.0.6
Affected by 0 other vulnerabilities.
8.0.8
Affected by 27 other vulnerabilities.
VCID-s4za-285p-5ufj
Aliases:
CVE-2014-0230
GHSA-pxcx-cxq8-4mmw
8.0.9
Affected by 25 other vulnerabilities.
VCID-u7rw-x7gm-buad
Aliases:
CVE-2013-4286
GHSA-j448-j653-r3vj
8.0.0-RC3
Affected by 5 other vulnerabilities.
VCID-ytwn-k91p-y7ht
Aliases:
CVE-2015-5345
GHSA-rh8q-vjgf-gf74
8.0.30
Affected by 22 other vulnerabilities.
9.0.0.M2
Affected by 1 other vulnerability.
9.0.0.M3
Affected by 18 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-09-09T19:34:02.200469+00:00 GHSA Importer Affected by VCID-ytwn-k91p-y7ht https://github.com/advisories/GHSA-rh8q-vjgf-gf74 37.0.0
2025-09-09T19:34:02.055773+00:00 GHSA Importer Affected by VCID-kcvp-2brm-p7f2 https://github.com/advisories/GHSA-6qr6-x7jm-x2q6 37.0.0
2025-08-02T12:41:31.812018+00:00 GHSA Importer Affected by VCID-u7rw-x7gm-buad https://github.com/advisories/GHSA-j448-j653-r3vj 37.0.0
2025-08-02T12:41:31.211845+00:00 GHSA Importer Affected by VCID-4zq3-fzqy-7uae https://github.com/advisories/GHSA-wq2p-q66w-q8gp 37.0.0
2025-08-02T12:41:30.701501+00:00 GHSA Importer Affected by VCID-jqmj-axjq-w7hh https://github.com/advisories/GHSA-87w9-x2c3-hrjj 37.0.0
2025-08-01T10:24:26.297635+00:00 GitLab Importer Affected by VCID-j52h-jxrq-43g1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2016-6816.yml 37.0.0
2025-08-01T10:12:04.447984+00:00 GitLab Importer Affected by VCID-ps1f-p4ds-zbgc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2020-8022.yml 37.0.0
2025-07-31T12:28:04.016955+00:00 GHSA Importer Affected by VCID-gb8p-hr5j-yqav https://github.com/advisories/GHSA-xx68-jfcg-xmmf 37.0.0
2025-07-31T09:27:59.642665+00:00 GitLab Importer Affected by VCID-jqmj-axjq-w7hh https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2013-4590.yml 37.0.0
2025-07-31T09:27:58.829502+00:00 GitLab Importer Affected by VCID-u7rw-x7gm-buad https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2013-4286.yml 37.0.0
2025-07-31T09:27:40.515427+00:00 GitLab Importer Affected by VCID-4zq3-fzqy-7uae https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2013-4322.yml 37.0.0
2025-07-31T09:23:40.928745+00:00 GitLab Importer Affected by VCID-gb8p-hr5j-yqav https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2014-0050.yml 37.0.0
2025-07-31T08:03:24.466754+00:00 Apache Tomcat Importer Affected by VCID-jqmj-axjq-w7hh https://tomcat.apache.org/security-8.html 37.0.0
2025-07-31T08:03:24.433349+00:00 Apache Tomcat Importer Affected by VCID-4zq3-fzqy-7uae https://tomcat.apache.org/security-8.html 37.0.0
2025-07-31T08:03:24.401103+00:00 Apache Tomcat Importer Affected by VCID-gb8p-hr5j-yqav https://tomcat.apache.org/security-8.html 37.0.0
2025-07-31T08:03:24.372469+00:00 Apache Tomcat Importer Affected by VCID-rr6w-9ux1-yba6 https://tomcat.apache.org/security-8.html 37.0.0
2025-07-31T08:03:24.342851+00:00 Apache Tomcat Importer Affected by VCID-pfpw-9ha8-j7b6 https://tomcat.apache.org/security-8.html 37.0.0
2025-07-31T08:03:24.279895+00:00 Apache Tomcat Importer Affected by VCID-97sa-54jq-a3fc https://tomcat.apache.org/security-8.html 37.0.0
2025-07-31T08:03:24.251004+00:00 Apache Tomcat Importer Affected by VCID-psd6-q4ht-bub7 https://tomcat.apache.org/security-8.html 37.0.0
2025-07-31T08:03:24.207522+00:00 Apache Tomcat Importer Affected by VCID-s4za-285p-5ufj https://tomcat.apache.org/security-8.html 37.0.0
2025-07-31T08:03:24.165532+00:00 Apache Tomcat Importer Affected by VCID-d2t2-fsbm-n3hw https://tomcat.apache.org/security-8.html 37.0.0
2025-07-31T08:03:24.126926+00:00 Apache Tomcat Importer Affected by VCID-fm4m-zurr-hyht https://tomcat.apache.org/security-8.html 37.0.0
2025-07-31T08:03:24.095000+00:00 Apache Tomcat Importer Affected by VCID-kcvp-2brm-p7f2 https://tomcat.apache.org/security-8.html 37.0.0