Search for packages
| purl | pkg:maven/org.apache.tomcat/tomcat@8.0.0-RC9 |
| Tags | Ghost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3k3s-uk1p-aaag
Aliases: CVE-2013-4590 GHSA-87w9-x2c3-hrjj |
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. |
Affected by 18 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-01-17T02:29:15.626544+00:00 | GHSA Importer | Affected by | VCID-3k3s-uk1p-aaag | None | 35.1.0 |
| 2024-09-17T22:36:43.515221+00:00 | GitLab Importer | Affected by | VCID-3k3s-uk1p-aaag | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2013-4590.yml | 34.0.1 |
| 2024-09-17T22:00:59.841696+00:00 | GHSA Importer | Affected by | VCID-3k3s-uk1p-aaag | https://github.com/advisories/GHSA-87w9-x2c3-hrjj | 34.0.1 |
| 2024-04-23T17:40:03.440054+00:00 | GHSA Importer | Affected by | VCID-3k3s-uk1p-aaag | https://github.com/advisories/GHSA-87w9-x2c3-hrjj | 34.0.0rc4 |
| 2024-01-03T17:59:47.331076+00:00 | GitLab Importer | Affected by | VCID-3k3s-uk1p-aaag | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2013-4590.yml | 34.0.0rc1 |
| 2024-01-03T17:39:10.357979+00:00 | GHSA Importer | Affected by | VCID-3k3s-uk1p-aaag | https://github.com/advisories/GHSA-87w9-x2c3-hrjj | 34.0.0rc1 |