Search for packages
| purl | pkg:maven/org.apache.tomcat/tomcat@8.0.0.RC1 |
| Tags | Ghost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-11gb-2qp7-aaaj
Aliases: CVE-2017-5648 GHSA-3vx3-xf6q-r5xp |
Exposure of Resource to Wrong Sphere Some calls to application listeners in Apache Tomcat did not use the appropriate facade object. When running an untrusted application under a SecurityManager, it was therefore possible for that untrusted application to retain a reference to the request or response object and thereby access and/or modify information associated with another web application. |
Affected by 16 other vulnerabilities. Affected by 53 other vulnerabilities. Affected by 49 other vulnerabilities. Affected by 52 other vulnerabilities. |
|
VCID-2uwh-1pm5-aaad
Aliases: CVE-2015-5346 GHSA-jrcp-c39h-r29x |
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java. |
Affected by 0 other vulnerabilities. Affected by 26 other vulnerabilities. Affected by 1 other vulnerability. Affected by 61 other vulnerabilities. |
|
VCID-3kmg-uhrj-aaaq
Aliases: CVE-2016-6797 GHSA-q6x7-f33r-3wxx |
The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not. |
Affected by 20 other vulnerabilities. Affected by 56 other vulnerabilities. Affected by 57 other vulnerabilities. |
|
VCID-3spb-m822-aaab
Aliases: CVE-2016-6794 GHSA-2rvf-329f-p99g |
System Property Disclosure in Apache Tomcat |
Affected by 20 other vulnerabilities. Affected by 56 other vulnerabilities. Affected by 57 other vulnerabilities. |
|
VCID-7c2n-n9ga-aaar
Aliases: CVE-2018-8034 GHSA-46j3-r4pj-4835 |
The host name verification missing in Apache Tomcat |
Affected by 8 other vulnerabilities. Affected by 41 other vulnerabilities. Affected by 44 other vulnerabilities. |
|
VCID-7jzs-4ayu-aaar
Aliases: CVE-2016-0763 GHSA-9hjv-9h75-xmpp |
The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, which allows remote authenticated users to bypass intended SecurityManager restrictions and read or write to arbitrary application data, or cause a denial of service (application disruption), via a web application that sets a crafted global context. |
Affected by 26 other vulnerabilities. Affected by 61 other vulnerabilities. |
|
VCID-8ff2-1h4t-aaaa
Aliases: CVE-2016-0706 GHSA-6vx3-hr43-cfrh |
Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catalina/core/RestrictedServlets.properties list, which allows remote authenticated users to bypass intended SecurityManager restrictions and read arbitrary HTTP requests, and consequently discover session ID values, via a crafted web application. |
Affected by 0 other vulnerabilities. Affected by 26 other vulnerabilities. Affected by 1 other vulnerability. Affected by 61 other vulnerabilities. |
|
VCID-9pu2-we8w-aaar
Aliases: CVE-2018-1305 GHSA-jx6h-3fjx-cgv5 |
Moderate severity vulnerability that affects org.apache.tomcat.embed:tomcat-embed-core |
Affected by 12 other vulnerabilities. Affected by 45 other vulnerabilities. Affected by 48 other vulnerabilities. |
|
VCID-ah95-hj74-aaaq
Aliases: CVE-2017-12617 GHSA-xjgh-84hx-56c5 |
Unrestricted Upload of File with Dangerous Type When running Apache Tomcat with HTTP PUTs enabled it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server. |
Affected by 13 other vulnerabilities. Affected by 46 other vulnerabilities. Affected by 50 other vulnerabilities. |
|
VCID-b2z1-15m4-aaac
Aliases: CVE-2018-1336 GHSA-m59c-jpc8-m2x4 |
In Apache Tomcat there is an improper handing of overflow in the UTF-8 decoder |
Affected by 11 other vulnerabilities. Affected by 44 other vulnerabilities. Affected by 47 other vulnerabilities. |
|
VCID-bhm9-2v2g-aaaq
Aliases: CVE-2015-5351 GHSA-w7cg-5969-678w |
The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protection mechanism by using a token. |
Affected by 0 other vulnerabilities. Affected by 26 other vulnerabilities. Affected by 1 other vulnerability. Affected by 61 other vulnerabilities. |
|
VCID-bwx4-6bsd-aaaf
Aliases: CVE-2016-0762 GHSA-wxcp-f2c8-x6xv |
Information Exposure Through Timing Discrepancy The Realm implementations in Apache Tomcat does not process the supplied password if the supplied user name did not exist which makes it possible to use a timing attack to determine valid user names. |
Affected by 20 other vulnerabilities. Affected by 56 other vulnerabilities. Affected by 57 other vulnerabilities. |
|
VCID-c5ge-w5qj-aaam
Aliases: CVE-2015-5174 GHSA-6qr6-x7jm-x2q6 |
Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call, as demonstrated by the $CATALINA_BASE/webapps directory. |
Affected by 32 other vulnerabilities. |
|
VCID-cp4z-y57s-aaah
Aliases: CVE-2018-8014 GHSA-r4x2-3cq5-hqvp |
The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials' for all origins |
Affected by 8 other vulnerabilities. Affected by 41 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 44 other vulnerabilities. |
|
VCID-d82s-fpes-aaar
Aliases: CVE-2018-1304 GHSA-6rxj-58jh-436r |
Moderate severity vulnerability that affects org.apache.tomcat.embed:tomcat-embed-core |
Affected by 12 other vulnerabilities. Affected by 45 other vulnerabilities. Affected by 48 other vulnerabilities. |
|
VCID-en12-rf3h-aaah
Aliases: CVE-2015-5345 GHSA-rh8q-vjgf-gf74 |
The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing / (slash) character. |
Affected by 31 other vulnerabilities. Affected by 1 other vulnerability. Affected by 61 other vulnerabilities. |
|
VCID-jtsq-4sgf-aaag
Aliases: CVE-2017-7674 GHSA-73rx-3f9r-x949 |
Insufficient Verification of Data Authenticity The CORS Filter in Apache Tomcat does not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances. |
Affected by 14 other vulnerabilities. Affected by 47 other vulnerabilities. Affected by 47 other vulnerabilities. Affected by 50 other vulnerabilities. |
|
VCID-msaf-115m-aaaq
Aliases: CVE-2016-6796 GHSA-3mjp-p938-4329 |
A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet. |
Affected by 20 other vulnerabilities. Affected by 56 other vulnerabilities. Affected by 57 other vulnerabilities. |
|
VCID-p378-4jg4-aaam
Aliases: CVE-2016-8745 GHSA-w3j5-q8f2-3cqq |
Information Exposure A bug in the error handling of the NIO HTTP connector in Apache Tomcat resulted in the current Processor object being added to the Processor cache multiple times. This in turn meant that the same Processor could be used for concurrent requests. Sharing a Processor can result in information leakage. |
Affected by 17 other vulnerabilities. Affected by 54 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 54 other vulnerabilities. |
|
VCID-q1t4-rzf5-aaac
Aliases: CVE-2016-6816 GHSA-jc7p-5r39-9477 |
The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own. |
Affected by 18 other vulnerabilities. Affected by 55 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 55 other vulnerabilities. |
|
VCID-qmjs-369r-aaar
Aliases: CVE-2016-3092 GHSA-fvm3-cfvj-gxqq |
High severity vulnerability that affects commons-fileupload:commons-fileupload |
Affected by 25 other vulnerabilities. Affected by 60 other vulnerabilities. Affected by 61 other vulnerabilities. |
|
VCID-sc5t-244h-aaas
Aliases: CVE-2016-8735 GHSA-cw54-59pw-4g8c |
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types. |
Affected by 18 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 55 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 55 other vulnerabilities. |
|
VCID-szah-tgau-aaad
Aliases: CVE-2016-5018 GHSA-4v3g-g84w-hv7r |
Improper Access Control In Apache Tomcat, a malicious web application was able to bypass a configured `SecurityManager` via a Tomcat utility method that was accessible to web applications. |
Affected by 20 other vulnerabilities. Affected by 56 other vulnerabilities. Affected by 57 other vulnerabilities. |
|
VCID-w4q7-4d2t-aaan
Aliases: CVE-2017-5647 GHSA-3gv7-3h64-78cm |
Information Exposure When "send file" is used, results in the pipelined request being lost when send file processing of the previous request completed. This could result in responses appearing to be sent for the wrong request. For example, a user agent that sent requests A, B and C could see the correct response for request A, the response for request C for request B and no response for request C. |
Affected by 16 other vulnerabilities. Affected by 15 other vulnerabilities. Affected by 49 other vulnerabilities. Affected by 49 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-yv8m-r56n-aaan
Aliases: CVE-2017-5664 GHSA-jmvv-524f-hj5j |
Improper Handling of Exceptional Conditions The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. The Default Servlet in Apache Tomcat does not do this. Depending on the original request this could lead to unexpected and undesirable results for static error pages including, if the DefaultServlet is configured to permit writes, the replacement or removal of the custom error page. Notes for other user provided error pages: (1) Unless explicitly coded otherwise, JSPs ignore the HTTP method. JSPs used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method. (2) By default, the response generated by a Servlet does depend on the HTTP method. Custom Servlets used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method. |
Affected by 14 other vulnerabilities. Affected by 48 other vulnerabilities. Affected by 48 other vulnerabilities. |
|
VCID-zwru-xv8h-aaae
Aliases: CVE-2016-0714 GHSA-mv42-px54-87jw |
The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary code in a privileged context via a web application that places a crafted object in a session. |
Affected by 26 other vulnerabilities. Affected by 1 other vulnerability. Affected by 61 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T13:19:26.781935+00:00 | Apache Tomcat Importer | Affected by | VCID-en12-rf3h-aaah | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:26.726615+00:00 | Apache Tomcat Importer | Affected by | VCID-7jzs-4ayu-aaar | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:26.674701+00:00 | Apache Tomcat Importer | Affected by | VCID-zwru-xv8h-aaae | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:26.619466+00:00 | Apache Tomcat Importer | Affected by | VCID-8ff2-1h4t-aaaa | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:26.563985+00:00 | Apache Tomcat Importer | Affected by | VCID-bhm9-2v2g-aaaq | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:26.498191+00:00 | Apache Tomcat Importer | Affected by | VCID-2uwh-1pm5-aaad | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:26.386905+00:00 | Apache Tomcat Importer | Affected by | VCID-qmjs-369r-aaar | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:26.256616+00:00 | Apache Tomcat Importer | Affected by | VCID-bwx4-6bsd-aaaf | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:26.115889+00:00 | Apache Tomcat Importer | Affected by | VCID-szah-tgau-aaad | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:25.959652+00:00 | Apache Tomcat Importer | Affected by | VCID-3spb-m822-aaab | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:25.811201+00:00 | Apache Tomcat Importer | Affected by | VCID-msaf-115m-aaaq | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:25.649692+00:00 | Apache Tomcat Importer | Affected by | VCID-3kmg-uhrj-aaaq | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:25.385405+00:00 | Apache Tomcat Importer | Affected by | VCID-q1t4-rzf5-aaac | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:25.332443+00:00 | Apache Tomcat Importer | Affected by | VCID-sc5t-244h-aaas | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:25.164131+00:00 | Apache Tomcat Importer | Affected by | VCID-p378-4jg4-aaam | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:25.051919+00:00 | Apache Tomcat Importer | Affected by | VCID-11gb-2qp7-aaaj | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:24.823881+00:00 | Apache Tomcat Importer | Affected by | VCID-w4q7-4d2t-aaan | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:24.707127+00:00 | Apache Tomcat Importer | Affected by | VCID-yv8m-r56n-aaan | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:24.521025+00:00 | Apache Tomcat Importer | Affected by | VCID-jtsq-4sgf-aaag | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:24.404165+00:00 | Apache Tomcat Importer | Affected by | VCID-ah95-hj74-aaaq | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:24.106102+00:00 | Apache Tomcat Importer | Affected by | VCID-d82s-fpes-aaar | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:24.046828+00:00 | Apache Tomcat Importer | Affected by | VCID-9pu2-we8w-aaar | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:23.937282+00:00 | Apache Tomcat Importer | Affected by | VCID-b2z1-15m4-aaac | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:23.691204+00:00 | Apache Tomcat Importer | Affected by | VCID-cp4z-y57s-aaah | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-03-28T13:19:23.633656+00:00 | Apache Tomcat Importer | Affected by | VCID-7c2n-n9ga-aaar | https://tomcat.apache.org/security-8.html | 36.0.0 |
| 2025-01-17T02:30:55.191496+00:00 | GHSA Importer | Affected by | VCID-jtsq-4sgf-aaag | None | 35.1.0 |
| 2025-01-17T02:29:53.875361+00:00 | GHSA Importer | Affected by | VCID-bwx4-6bsd-aaaf | None | 35.1.0 |
| 2025-01-17T02:29:52.212829+00:00 | GHSA Importer | Affected by | VCID-zwru-xv8h-aaae | None | 35.1.0 |
| 2025-01-17T02:29:51.731835+00:00 | GHSA Importer | Affected by | VCID-8ff2-1h4t-aaaa | None | 35.1.0 |
| 2025-01-17T02:29:45.123215+00:00 | GHSA Importer | Affected by | VCID-2uwh-1pm5-aaad | None | 35.1.0 |
| 2025-01-17T02:29:44.714098+00:00 | GHSA Importer | Affected by | VCID-en12-rf3h-aaah | None | 35.1.0 |
| 2025-01-17T02:29:42.232102+00:00 | GHSA Importer | Affected by | VCID-c5ge-w5qj-aaam | None | 35.1.0 |
| 2024-09-18T08:17:37.095973+00:00 | Apache Tomcat Importer | Affected by | VCID-en12-rf3h-aaah | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:37.038787+00:00 | Apache Tomcat Importer | Affected by | VCID-7jzs-4ayu-aaar | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:36.986083+00:00 | Apache Tomcat Importer | Affected by | VCID-zwru-xv8h-aaae | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:36.931697+00:00 | Apache Tomcat Importer | Affected by | VCID-8ff2-1h4t-aaaa | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:36.885977+00:00 | Apache Tomcat Importer | Affected by | VCID-bhm9-2v2g-aaaq | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:36.832746+00:00 | Apache Tomcat Importer | Affected by | VCID-2uwh-1pm5-aaad | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:36.737084+00:00 | Apache Tomcat Importer | Affected by | VCID-qmjs-369r-aaar | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:36.611229+00:00 | Apache Tomcat Importer | Affected by | VCID-bwx4-6bsd-aaaf | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:36.478515+00:00 | Apache Tomcat Importer | Affected by | VCID-szah-tgau-aaad | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:36.335430+00:00 | Apache Tomcat Importer | Affected by | VCID-3spb-m822-aaab | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:36.199645+00:00 | Apache Tomcat Importer | Affected by | VCID-msaf-115m-aaaq | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:36.046972+00:00 | Apache Tomcat Importer | Affected by | VCID-3kmg-uhrj-aaaq | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:35.799962+00:00 | Apache Tomcat Importer | Affected by | VCID-q1t4-rzf5-aaac | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:35.751378+00:00 | Apache Tomcat Importer | Affected by | VCID-sc5t-244h-aaas | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:35.585304+00:00 | Apache Tomcat Importer | Affected by | VCID-p378-4jg4-aaam | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:35.483133+00:00 | Apache Tomcat Importer | Affected by | VCID-11gb-2qp7-aaaj | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:35.263423+00:00 | Apache Tomcat Importer | Affected by | VCID-w4q7-4d2t-aaan | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:35.164914+00:00 | Apache Tomcat Importer | Affected by | VCID-yv8m-r56n-aaan | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:35.017233+00:00 | Apache Tomcat Importer | Affected by | VCID-jtsq-4sgf-aaag | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:34.910717+00:00 | Apache Tomcat Importer | Affected by | VCID-ah95-hj74-aaaq | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:34.532213+00:00 | Apache Tomcat Importer | Affected by | VCID-d82s-fpes-aaar | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:34.485094+00:00 | Apache Tomcat Importer | Affected by | VCID-9pu2-we8w-aaar | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:34.389063+00:00 | Apache Tomcat Importer | Affected by | VCID-b2z1-15m4-aaac | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:34.180051+00:00 | Apache Tomcat Importer | Affected by | VCID-cp4z-y57s-aaah | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-18T08:17:34.131638+00:00 | Apache Tomcat Importer | Affected by | VCID-7c2n-n9ga-aaar | https://tomcat.apache.org/security-8.html | 34.0.1 |
| 2024-09-17T22:36:55.345457+00:00 | GitLab Importer | Affected by | VCID-2uwh-1pm5-aaad | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2015-5346.yml | 34.0.1 |
| 2024-09-17T22:36:48.344096+00:00 | GitLab Importer | Affected by | VCID-bwx4-6bsd-aaaf | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2016-0762.yml | 34.0.1 |
| 2024-09-17T22:36:43.930565+00:00 | GitLab Importer | Affected by | VCID-8ff2-1h4t-aaaa | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2016-0706.yml | 34.0.1 |
| 2024-09-17T22:36:42.764793+00:00 | GitLab Importer | Affected by | VCID-c5ge-w5qj-aaam | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2015-5174.yml | 34.0.1 |
| 2024-09-17T22:36:41.608441+00:00 | GitLab Importer | Affected by | VCID-msaf-115m-aaaq | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2016-6796.yml | 34.0.1 |
| 2024-09-17T22:36:35.714589+00:00 | GitLab Importer | Affected by | VCID-en12-rf3h-aaah | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2015-5345.yml | 34.0.1 |
| 2024-09-17T22:36:29.062977+00:00 | GitLab Importer | Affected by | VCID-zwru-xv8h-aaae | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2016-0714.yml | 34.0.1 |
| 2024-09-17T22:04:27.591950+00:00 | GHSA Importer | Affected by | VCID-c5ge-w5qj-aaam | https://github.com/advisories/GHSA-6qr6-x7jm-x2q6 | 34.0.1 |
| 2024-09-17T22:02:08.295835+00:00 | GHSA Importer | Affected by | VCID-zwru-xv8h-aaae | https://github.com/advisories/GHSA-mv42-px54-87jw | 34.0.1 |
| 2024-09-17T22:02:07.642325+00:00 | GHSA Importer | Affected by | VCID-en12-rf3h-aaah | https://github.com/advisories/GHSA-rh8q-vjgf-gf74 | 34.0.1 |
| 2024-09-17T22:02:07.003081+00:00 | GHSA Importer | Affected by | VCID-8ff2-1h4t-aaaa | https://github.com/advisories/GHSA-6vx3-hr43-cfrh | 34.0.1 |
| 2024-09-17T22:02:06.140274+00:00 | GHSA Importer | Affected by | VCID-2uwh-1pm5-aaad | https://github.com/advisories/GHSA-jrcp-c39h-r29x | 34.0.1 |
| 2024-09-17T22:02:05.057271+00:00 | GHSA Importer | Affected by | VCID-msaf-115m-aaaq | https://github.com/advisories/GHSA-3mjp-p938-4329 | 34.0.1 |
| 2024-09-17T22:02:02.649421+00:00 | GHSA Importer | Affected by | VCID-jtsq-4sgf-aaag | https://github.com/advisories/GHSA-73rx-3f9r-x949 | 34.0.1 |
| 2024-09-17T22:00:58.198451+00:00 | GHSA Importer | Affected by | VCID-bwx4-6bsd-aaaf | https://github.com/advisories/GHSA-wxcp-f2c8-x6xv | 34.0.1 |
| 2024-04-23T17:40:26.578935+00:00 | GHSA Importer | Affected by | VCID-zwru-xv8h-aaae | https://github.com/advisories/GHSA-mv42-px54-87jw | 34.0.0rc4 |
| 2024-04-23T17:40:25.897692+00:00 | GHSA Importer | Affected by | VCID-en12-rf3h-aaah | https://github.com/advisories/GHSA-rh8q-vjgf-gf74 | 34.0.0rc4 |
| 2024-04-23T17:40:24.916573+00:00 | GHSA Importer | Affected by | VCID-2uwh-1pm5-aaad | https://github.com/advisories/GHSA-jrcp-c39h-r29x | 34.0.0rc4 |
| 2024-04-23T17:40:23.745399+00:00 | GHSA Importer | Affected by | VCID-msaf-115m-aaaq | https://github.com/advisories/GHSA-3mjp-p938-4329 | 34.0.0rc4 |
| 2024-04-23T17:40:21.618310+00:00 | GHSA Importer | Affected by | VCID-jtsq-4sgf-aaag | https://github.com/advisories/GHSA-73rx-3f9r-x949 | 34.0.0rc4 |
| 2024-04-23T17:40:01.608005+00:00 | GHSA Importer | Affected by | VCID-bwx4-6bsd-aaaf | https://github.com/advisories/GHSA-wxcp-f2c8-x6xv | 34.0.0rc4 |
| 2024-01-04T02:15:40.502893+00:00 | Apache Tomcat Importer | Affected by | VCID-en12-rf3h-aaah | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:40.447181+00:00 | Apache Tomcat Importer | Affected by | VCID-7jzs-4ayu-aaar | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:40.401840+00:00 | Apache Tomcat Importer | Affected by | VCID-zwru-xv8h-aaae | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:40.345931+00:00 | Apache Tomcat Importer | Affected by | VCID-8ff2-1h4t-aaaa | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:40.301102+00:00 | Apache Tomcat Importer | Affected by | VCID-bhm9-2v2g-aaaq | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:40.253122+00:00 | Apache Tomcat Importer | Affected by | VCID-2uwh-1pm5-aaad | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:40.162239+00:00 | Apache Tomcat Importer | Affected by | VCID-qmjs-369r-aaar | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:40.028839+00:00 | Apache Tomcat Importer | Affected by | VCID-bwx4-6bsd-aaaf | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:39.894480+00:00 | Apache Tomcat Importer | Affected by | VCID-szah-tgau-aaad | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:39.756662+00:00 | Apache Tomcat Importer | Affected by | VCID-3spb-m822-aaab | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:39.622439+00:00 | Apache Tomcat Importer | Affected by | VCID-msaf-115m-aaaq | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:39.488329+00:00 | Apache Tomcat Importer | Affected by | VCID-3kmg-uhrj-aaaq | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:39.263613+00:00 | Apache Tomcat Importer | Affected by | VCID-q1t4-rzf5-aaac | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:39.216922+00:00 | Apache Tomcat Importer | Affected by | VCID-sc5t-244h-aaas | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:39.073890+00:00 | Apache Tomcat Importer | Affected by | VCID-p378-4jg4-aaam | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:38.981986+00:00 | Apache Tomcat Importer | Affected by | VCID-11gb-2qp7-aaaj | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:38.774892+00:00 | Apache Tomcat Importer | Affected by | VCID-w4q7-4d2t-aaan | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:38.679585+00:00 | Apache Tomcat Importer | Affected by | VCID-yv8m-r56n-aaan | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:38.533928+00:00 | Apache Tomcat Importer | Affected by | VCID-jtsq-4sgf-aaag | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:38.422508+00:00 | Apache Tomcat Importer | Affected by | VCID-ah95-hj74-aaaq | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:38.181087+00:00 | Apache Tomcat Importer | Affected by | VCID-d82s-fpes-aaar | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:38.136447+00:00 | Apache Tomcat Importer | Affected by | VCID-9pu2-we8w-aaar | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:38.037261+00:00 | Apache Tomcat Importer | Affected by | VCID-b2z1-15m4-aaac | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:37.835232+00:00 | Apache Tomcat Importer | Affected by | VCID-cp4z-y57s-aaah | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-04T02:15:37.787855+00:00 | Apache Tomcat Importer | Affected by | VCID-7c2n-n9ga-aaar | https://tomcat.apache.org/security-8.html | 34.0.0rc1 |
| 2024-01-03T17:59:59.140599+00:00 | GitLab Importer | Affected by | VCID-2uwh-1pm5-aaad | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2015-5346.yml | 34.0.0rc1 |
| 2024-01-03T17:59:52.228038+00:00 | GitLab Importer | Affected by | VCID-bwx4-6bsd-aaaf | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2016-0762.yml | 34.0.0rc1 |
| 2024-01-03T17:59:47.877077+00:00 | GitLab Importer | Affected by | VCID-8ff2-1h4t-aaaa | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2016-0706.yml | 34.0.0rc1 |
| 2024-01-03T17:59:46.414175+00:00 | GitLab Importer | Affected by | VCID-c5ge-w5qj-aaam | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2015-5174.yml | 34.0.0rc1 |
| 2024-01-03T17:59:45.420757+00:00 | GitLab Importer | Affected by | VCID-msaf-115m-aaaq | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2016-6796.yml | 34.0.0rc1 |
| 2024-01-03T17:59:40.440779+00:00 | GitLab Importer | Affected by | VCID-en12-rf3h-aaah | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2015-5345.yml | 34.0.0rc1 |
| 2024-01-03T17:59:34.318018+00:00 | GitLab Importer | Affected by | VCID-zwru-xv8h-aaae | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2016-0714.yml | 34.0.0rc1 |
| 2024-01-03T17:39:16.814533+00:00 | GHSA Importer | Affected by | VCID-bwx4-6bsd-aaaf | https://github.com/advisories/GHSA-wxcp-f2c8-x6xv | 34.0.0rc1 |
| 2024-01-03T17:39:16.355666+00:00 | GHSA Importer | Affected by | VCID-c5ge-w5qj-aaam | https://github.com/advisories/GHSA-6qr6-x7jm-x2q6 | 34.0.0rc1 |
| 2024-01-03T17:37:00.697595+00:00 | GHSA Importer | Affected by | VCID-zwru-xv8h-aaae | https://github.com/advisories/GHSA-mv42-px54-87jw | 34.0.0rc1 |
| 2024-01-03T17:37:00.091240+00:00 | GHSA Importer | Affected by | VCID-en12-rf3h-aaah | https://github.com/advisories/GHSA-rh8q-vjgf-gf74 | 34.0.0rc1 |
| 2024-01-03T17:36:59.488928+00:00 | GHSA Importer | Affected by | VCID-8ff2-1h4t-aaaa | https://github.com/advisories/GHSA-6vx3-hr43-cfrh | 34.0.0rc1 |
| 2024-01-03T17:36:58.785205+00:00 | GHSA Importer | Affected by | VCID-2uwh-1pm5-aaad | https://github.com/advisories/GHSA-jrcp-c39h-r29x | 34.0.0rc1 |
| 2024-01-03T17:36:55.992646+00:00 | GHSA Importer | Affected by | VCID-msaf-115m-aaaq | https://github.com/advisories/GHSA-3mjp-p938-4329 | 34.0.0rc1 |
| 2024-01-03T17:36:53.371120+00:00 | GHSA Importer | Affected by | VCID-jtsq-4sgf-aaag | https://github.com/advisories/GHSA-73rx-3f9r-x949 | 34.0.0rc1 |