Search for packages
| purl | pkg:maven/tomcat/jasper-runtime@0 |
| Tags | Ghost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-szah-tgau-aaad
Aliases: CVE-2016-5018 GHSA-4v3g-g84w-hv7r |
Improper Access Control In Apache Tomcat, a malicious web application was able to bypass a configured `SecurityManager` via a Tomcat utility method that was accessible to web applications. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2024-09-17T22:38:38.650168+00:00 | GitLab Importer | Affected by | VCID-szah-tgau-aaad | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/tomcat/jasper-runtime/CVE-2016-5018.yml | 34.0.1 |
| 2024-01-03T18:01:21.876336+00:00 | GitLab Importer | Affected by | VCID-szah-tgau-aaad | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/tomcat/jasper-runtime/CVE-2016-5018.yml | 34.0.0rc1 |