Search for packages
| purl | pkg:maven/org.apache.tomcat/tomcat@8.0 |
| Tags | Ghost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-jtsq-4sgf-aaag
Aliases: CVE-2017-7674 GHSA-73rx-3f9r-x949 |
Insufficient Verification of Data Authenticity The CORS Filter in Apache Tomcat does not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances. |
Affected by 14 other vulnerabilities. Affected by 47 other vulnerabilities. Affected by 47 other vulnerabilities. Affected by 50 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2024-09-17T22:36:53.631044+00:00 | GitLab Importer | Affected by | VCID-jtsq-4sgf-aaag | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2017-7674.yml | 34.0.1 |
| 2024-01-03T17:59:57.387860+00:00 | GitLab Importer | Affected by | VCID-jtsq-4sgf-aaag | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2017-7674.yml | 34.0.0rc1 |