CVE-2024-24549 |
Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.
Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.
|
|
Patch → NO_SAFE_VERSION |
CVE-2024-23672 |
Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open, leading to increased resource consumption. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.
Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.
|
|
Patch → NO_SAFE_VERSION |
CVE-2024-21733 |
Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43.
Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.
|
|
Patch → NO_SAFE_VERSION |
CVE-2023-45648 |
Improper Input Validation vulnerability in Apache Tomcat. Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially crafted, invalid trailer header could cause Tomcat to treat a single request as multiple requests, leading to the possibility of request smuggling when behind a reverse proxy.
Users are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fix the issue.
|
|
Patch → NO_SAFE_VERSION |
CVE-2023-44487 |
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
|
Patch → NO_SAFE_VERSION |
CVE-2023-42795 |
Incomplete Cleanup vulnerability in Apache Tomcat. When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.80 and from 8.5.0 through 8.5.93, an error could cause Tomcat to skip some parts of the recycling process, leading to information leaking from the current request/response to the next.
Users are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.
|
|
Patch → NO_SAFE_VERSION |
CVE-2023-42794 |
Incomplete Cleanup vulnerability in Apache Tomcat.
The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in-progress refactoring that exposed a potential denial of service on Windows if a web application opened a stream for an uploaded file but failed to close the stream. The file would never be deleted from disk, creating the possibility of an eventual denial of service due to the disk being full.
Users are recommended to upgrade to version 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.
|
9.0.76, 9.0.80, 9.0.79, 8.5.93, 8.5.92, 9.0.72, 8.5.90, 9.0.74, 8.5.87, 9.0.75, 9.0.73, 8.5.86, 9.0.78, 9.0.70, 8.5.91, 8.5.85, 8.5.89, 9.0.71, 8.5.88
|
Patch → NO_SAFE_VERSION |
CVE-2023-41080 |
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in the FORM authentication feature of Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92.
The vulnerability is limited to the ROOT (default) web application. |
|
Patch → NO_SAFE_VERSION |
CVE-2023-34981 |
A regression in the fix for bug 66512 in Apache Tomcat 11.0.0-M5, 10.1.8, 9.0.74 and 8.5.88 meant that, if a response did not include any HTTP headers, no AJP SEND_HEADERS message would be sent for the response, which in turn meant that at least one AJP proxy (mod_proxy_ajp) would use the response headers from the previous request, leading to an information leak. |
9.0.74, 10.1.8, 11.0.0-M5, 8.5.88
|
Patch → NO_SAFE_VERSION |
CVE-2023-28709 |
The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters in the query string, the limit for uploaded request parts could be bypassed with the potential for a denial of service to occur.
|
11.0.0-M4, 11.0.0-M3, 9.0.72, 8.5.87, 9.0.73, 8.5.86, 10.1.6, 8.5.85, 9.0.71, 10.1.5, 10.1.7
|
Patch → NO_SAFE_VERSION |
CVE-2023-24998 |
Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed, resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configuration option (FileUploadBase#setFileCountMax) is not enabled by default and must be explicitly configured.
|
|
Patch → NO_SAFE_VERSION |
CVE-2022-45143 |
The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipulated the JSON output. |
9.0.68, 9.0.64, 9.0.62, 10.1.0, 9.0.60, 9.0.58, 9.0.59, 9.0.56, 9.0.54, 9.0.48, 9.0.41, 8.5.83, 9.0.53, 9.0.43, 9.0.55, 9.0.63, 9.0.65, 9.0.67, 9.0.40, 9.0.44, 9.0.45, 9.0.46, 9.0.50, 9.0.52, 10.1.1
|
Patch → NO_SAFE_VERSION |
CVE-2022-42252 |
If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0 was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to false (the default for 8.5.x only), Tomcat did not reject a request containing an invalid Content-Length header making a request smuggling attack possible if Tomcat was located behind a reverse proxy that also failed to reject the request with the invalid header. |
|
Patch → NO_SAFE_VERSION |
CVE-2022-34305 |
In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81, the Form authentication example in the examples web application displayed user-provided data without filtering, exposing an XSS vulnerability. |
|
Patch → NO_SAFE_VERSION |
CVE-2022-29885 |
The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentiality and integrity protection, it does not protect against all risks associated with running over any untrusted network, particularly DoS risks. |
|
Patch → NO_SAFE_VERSION |
CVE-2022-25762 |
If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20, it is possible that the application will continue to use the socket after it has been closed. The error handling triggered in this case could cause a pooled object to be placed in the pool twice. This could result in subsequent connections using the same object concurrently, which could result in data being returned to the wrong user and/or other errors. |
|
Patch → NO_SAFE_VERSION |
CVE-2022-23181 |
The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is configured to persist sessions using the FileStore. |
|
Patch → NO_SAFE_VERSION |
CVE-2021-43980 |
The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 that could cause client connections to share an Http11Processor instance resulting in responses, or part responses, to be received by the wrong client. |
|
Patch → NO_SAFE_VERSION |
CVE-2021-42340 |
The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the connection was closed. This created a memory leak that, over time, could lead to a denial of service via an OutOfMemoryError. |
|
Patch → NO_SAFE_VERSION |
CVE-2021-41079 |
Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service. |
|
Patch → NO_SAFE_VERSION |
CVE-2021-33037 |
Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances, leading to the possibility of request smuggling when used with a reverse proxy. Specifically: Tomcat incorrectly ignored the transfer-encoding header if the client declared it would only accept an HTTP/1.0 response; Tomcat honoured the identity encoding; and Tomcat did not ensure that, if present, the chunked encoding was the final encoding. |
|
Patch → NO_SAFE_VERSION |
CVE-2021-30640 |
A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65. |
10.0.0-M1,
9.0.0.M1,
8.5.58,
8.5.54,
8.5.38,
8.5.30,
8.5.8,
8.5.24
, 8.5.28, 8.5.5, 8.5.64, 8.5.11, 8.5.9, 8.5.4, 9.0.0.M26, 10.0.0, 9.0.37, 9.0.30, 9.0.0.M27, 8.5.45, 8.5.39, 8.5.21, 8.5.16, 8.5.2, 10.0.4, 9.0.6, 8.5.63, 8.5.51, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 9.0.20, 9.0.27, 10.0.0-M7, 10.0.2, 9.0.41, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.0.M22, 9.0.0.M20, 9.0.14, 10.0.0-M8, 9.0.43, 9.0.13, 9.0.0.M8, 9.0.33, 9.0.35, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 9.0.0.M17, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.5.53, 8.5.55, 10.0.0-M3, 10.0.0-M4, 10.0.0-M6, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 8.5.56, 8.5.57, 8.5.59, 8.5.60, 9.0.0.M11, 9.0.0.M21, 9.0.0.M19, 9.0.34, 9.0.2, 9.0.4, 9.0.7, 9.0.40, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.31, 9.0.36, 9.0.38, 9.0.39, 9.0.44, 8.5.13, 8.5.33, 8.5.42, 9.0.0.M4, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 8.5.32, 8.5.41, 9.0.19, 8.5.3, 9.0.0.M25, 8.5.61, 10.0.0-M10, 10.0.0-M9, 10.0.0-M5
|
Patch → NO_SAFE_VERSION |
CVE-2021-30639 |
A vulnerability in Apache Tomcat allows an attacker to remotely trigger a denial of service. An error introduced as part of a change to improve error handling during non-blocking I/O meant that the error flag associated with the Request object was not reset between requests. This meant that once a non-blocking I/O error occurred, all future requests handled by that request object would fail. Users were able to trigger non-blocking I/O errors, e.g. by dropping a connection, thereby creating the possibility of triggering a DoS. Applications that do not use non-blocking I/O are not exposed to this vulnerability. This issue affects Apache Tomcat 10.0.3 to 10.0.4; 9.0.44; 8.5.64. |
8.0.28,
8.5.58,
8.5.54,
8.5.38,
8.5.30,
8.5.8,
8.5.24,
8.5.28
, 8.5.5, 8.0.33, 8.0.21, 8.0.0-RC5, 7.0.104, 8.0.24, 8.0.18, 8.5.64, 8.5.11, 8.5.9, 8.5.4, 8.0.51, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.81, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 9.0.37, 9.0.30, 8.5.45, 8.5.39, 8.5.21, 8.0.52, 8.5.16, 7.0.86, 8.5.2, 8.0.53, 8.0.50, 8.0.47, 8.0.39, 8.0.14, 7.0.106, 7.0.99, 7.0.94, 7.0.92, 7.0.85, 7.0.53, 7.0.42, 10.0.4, 9.0.6, 8.5.63, 8.5.51, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 8.0.46, 8.0.43, 8.0.30, 8.0.9, 7.0.91, 7.0.57, 7.0.96, 7.0.100, 7.0.105, 7.0.107, 7.0.109, 9.0.20, 9.0.27, 7.0.64, 7.0.55, 9.0.41, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.14, 9.0.43, 9.0.13, 9.0.33, 9.0.35, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 7.0.77, 7.0.50, 7.0.84, 7.0.90, 8.0.41, 8.0.45, 8.0.49, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.5.53, 8.5.55, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 8.5.56, 8.5.57, 8.5.59, 8.5.60, 7.0.88, 9.0.34, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.2, 9.0.4, 9.0.7, 9.0.40, 9.0.31, 9.0.36, 9.0.38, 9.0.39, 9.0.44, 7.0.78, 7.0.61, 7.0.75, 7.0.63, 7.0.79, 7.0.54, 7.0.52, 7.0.108, 8.5.13, 8.5.33, 8.5.42, 8.0.44, 8.0.0-RC3, 8.0.5, 7.0.82, 8.0.17, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 7.0.76, 7.0.67, 8.5.32, 7.0.103, 8.0.42, 8.0.48, 7.0.93, 8.5.41, 9.0.19, 8.0.36, 8.5.3, 8.5.61, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2020-8022 |
An Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8 allows local attackers to escalate from group tomcat to root. This issue affects: SUSE Enterprise Storage 5 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP4 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 12-SP5 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 15-LTSS tomcat versions prior to 9.0.35-3.57.3. SUSE Linux Enterprise Server for SAP 12-SP2 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 12-SP3 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 15 tomcat versions prior to 9.0.35-3.57.3. SUSE OpenStack Cloud 7 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud 8 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud Crowbar 8 tomcat versions prior to 8.0.53-29.32.1. |
8.0.28,
8.0.33,
8.0.21,
8.0.0-RC5,
7.0.104,
8.0.24,
8.0.18,
8.0.51
, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.81, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 9.0.30, 8.0.52, 7.0.86, 8.0.50, 8.0.47, 8.0.39, 8.0.14, 7.0.106, 7.0.99, 7.0.94, 7.0.92, 7.0.85, 7.0.53, 7.0.42, 9.0.6, 8.0.46, 8.0.43, 8.0.30, 8.0.9, 7.0.91, 7.0.57, 7.0.96, 7.0.100, 7.0.105, 7.0.107, 7.0.109, 9.0.20, 9.0.27, 7.0.64, 7.0.55, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.14, 9.0.13, 9.0.33, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 7.0.77, 7.0.50, 7.0.84, 7.0.90, 8.0.41, 8.0.45, 8.0.49, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 7.0.88, 9.0.34, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.2, 9.0.4, 9.0.7, 9.0.31, 7.0.78, 7.0.61, 7.0.75, 7.0.63, 7.0.79, 7.0.54, 7.0.52, 7.0.108, 8.0.44, 8.0.0-RC3, 8.0.5, 7.0.82, 8.0.17, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 7.0.76, 7.0.67, 7.0.103, 8.0.42, 8.0.48, 7.0.93, 9.0.19, 8.0.36, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2020-1935 |
In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely. |
8.0.28,
8.5.38,
8.5.30,
8.5.8,
8.5.24,
8.5.28,
8.5.5,
8.0.33
, 8.0.21, 8.0.24, 8.0.18, 8.5.11, 8.5.9, 8.5.4, 8.0.51, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.81, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 9.0.30, 8.5.45, 8.5.39, 8.5.21, 8.0.52, 8.5.16, 7.0.86, 8.5.2, 8.0.53, 8.0.50, 8.0.47, 8.0.39, 8.0.14, 7.0.99, 7.0.94, 7.0.92, 7.0.85, 7.0.53, 7.0.42, 9.0.6, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 8.0.46, 8.0.43, 8.0.30, 8.0.9, 7.0.91, 7.0.57, 7.0.96, 9.0.20, 9.0.27, 7.0.64, 7.0.55, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.14, 9.0.13, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 7.0.77, 7.0.50, 7.0.84, 7.0.90, 8.0.41, 8.0.45, 8.0.49, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 7.0.88, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.2, 9.0.4, 9.0.7, 7.0.78, 7.0.61, 7.0.75, 7.0.63, 7.0.79, 7.0.54, 7.0.52, 8.5.13, 8.5.33, 8.5.42, 8.0.44, 8.0.5, 7.0.82, 8.0.17, 7.0.35, 7.0.39, 8.0.27, 8.0.26, 7.0.76, 7.0.67, 8.5.32, 8.0.42, 8.0.48, 7.0.93, 8.5.41, 9.0.19, 8.0.36, 8.5.3, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2020-17527 |
While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests. |
10.0.0-M1,
9.0.0.M1,
8.5.58,
8.5.54,
8.5.38,
8.5.30,
8.5.8,
8.5.24
, 8.5.28, 8.5.5, 8.5.11, 8.5.9, 8.5.4, 9.0.0.M26, 9.0.37, 9.0.30, 9.0.0.M27, 8.5.45, 8.5.39, 8.5.21, 8.5.16, 8.5.2, 9.0.6, 8.5.51, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 9.0.20, 9.0.27, 10.0.0-M7, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.0.M22, 9.0.0.M20, 9.0.14, 10.0.0-M8, 9.0.13, 9.0.0.M8, 9.0.33, 9.0.35, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 9.0.0.M17, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.5.53, 8.5.55, 10.0.0-M3, 10.0.0-M4, 10.0.0-M6, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 8.5.56, 8.5.57, 9.0.0.M11, 9.0.0.M21, 9.0.0.M19, 9.0.34, 9.0.2, 9.0.4, 9.0.7, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.31, 9.0.36, 9.0.38, 8.5.13, 8.5.33, 8.5.42, 9.0.0.M4, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 8.5.32, 8.5.41, 9.0.19, 8.5.3, 9.0.0.M25, 10.0.0-M5
|
Patch → NO_SAFE_VERSION |
CVE-2020-13943 |
If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - from a previous request rather than the intended headers. This could lead to users seeing responses for unexpected resources. |
10.0.0-M1,
9.0.0.M1,
8.5.54,
8.5.38,
8.5.30,
8.5.8,
8.5.24,
8.5.28
, 8.5.5, 8.5.11, 8.5.9, 8.5.4, 9.0.0.M26, 9.0.30, 9.0.0.M27, 8.5.45, 8.5.39, 8.5.21, 8.5.16, 8.5.2, 9.0.6, 8.5.51, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 9.0.20, 9.0.27, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.0.M22, 9.0.0.M20, 9.0.14, 9.0.13, 9.0.0.M8, 9.0.33, 9.0.35, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 9.0.0.M17, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.5.53, 8.5.55, 10.0.0-M3, 10.0.0-M4, 10.0.0-M6, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 8.5.56, 9.0.0.M11, 9.0.0.M21, 9.0.0.M19, 9.0.34, 9.0.2, 9.0.4, 9.0.7, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.31, 9.0.36, 8.5.13, 8.5.33, 8.5.42, 9.0.0.M4, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 8.5.32, 8.5.41, 9.0.19, 8.5.3, 9.0.0.M25, 10.0.0-M5
|
Patch → NO_SAFE_VERSION |
CVE-2020-13935 |
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service. |
10.0.0-M1,
9.0.0.M1,
8.5.54,
8.5.38,
8.5.30,
8.5.8,
8.5.24,
8.5.28
, 8.5.5, 8.5.11, 8.5.9, 8.5.4, 7.0.81, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 9.0.0.M26, 9.0.30, 9.0.0.M27, 8.5.45, 8.5.39, 8.5.21, 8.5.16, 7.0.86, 8.5.2, 7.0.99, 7.0.94, 7.0.92, 7.0.85, 7.0.53, 7.0.42, 9.0.6, 8.5.51, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 7.0.91, 7.0.57, 7.0.96, 7.0.100, 9.0.20, 9.0.27, 7.0.64, 7.0.55, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.0.M22, 9.0.0.M20, 9.0.14, 9.0.13, 9.0.0.M8, 9.0.33, 9.0.35, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 9.0.0.M17, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 7.0.77, 7.0.50, 7.0.84, 7.0.90, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.5.53, 8.5.55, 10.0.0-M3, 10.0.0-M4, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 9.0.0.M11, 9.0.0.M21, 7.0.88, 9.0.0.M19, 9.0.34, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.2, 9.0.4, 9.0.7, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.31, 7.0.78, 7.0.61, 7.0.75, 7.0.63, 7.0.79, 7.0.54, 7.0.52, 8.5.13, 8.5.33, 8.5.42, 9.0.0.M4, 7.0.82, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 7.0.39, 7.0.76, 7.0.67, 8.5.32, 7.0.103, 7.0.93, 8.5.41, 9.0.19, 8.5.3, 9.0.0.M25, 10.0.0-M5, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2020-13934 |
An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service. |
10.0.0-M1,
8.5.54,
8.5.38,
8.5.30,
8.5.8,
8.5.24,
8.5.28,
8.5.5
, 8.5.11, 8.5.9, 8.5.4, 9.0.0.M26, 9.0.30, 9.0.0.M27, 8.5.45, 8.5.39, 8.5.21, 8.5.16, 8.5.2, 9.0.6, 8.5.51, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 9.0.20, 9.0.27, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.0.M22, 9.0.0.M20, 9.0.14, 9.0.13, 9.0.0.M8, 9.0.33, 9.0.35, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 9.0.0.M17, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.5.53, 8.5.55, 10.0.0-M3, 10.0.0-M4, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 9.0.0.M11, 9.0.0.M21, 9.0.0.M19, 9.0.34, 9.0.2, 9.0.4, 9.0.7, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.31, 8.5.13, 8.5.33, 8.5.42, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 8.5.32, 8.5.41, 9.0.19, 8.5.3, 9.0.0.M25, 10.0.0-M5
|
Patch → NO_SAFE_VERSION |
CVE-2020-11996 |
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive. |
10.0.0-M1,
9.0.0.M1,
8.5.54,
8.5.38,
8.5.30,
8.5.8,
8.5.24,
8.5.28
, 8.5.5, 8.5.11, 8.5.9, 8.5.4, 9.0.0.M26, 9.0.30, 9.0.0.M27, 8.5.45, 8.5.39, 8.5.21, 8.5.16, 8.5.2, 9.0.6, 8.5.51, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 9.0.20, 9.0.27, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.0.M22, 9.0.0.M20, 9.0.14, 9.0.13, 9.0.0.M8, 9.0.33, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 9.0.0.M17, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.5.53, 10.0.0-M3, 10.0.0-M4, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 9.0.0.M11, 9.0.0.M21, 9.0.0.M19, 9.0.34, 9.0.2, 9.0.4, 9.0.7, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.31, 8.5.13, 8.5.33, 8.5.42, 9.0.0.M4, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 8.5.32, 8.5.41, 9.0.19, 8.5.3, 9.0.0.M25
|
Patch → NO_SAFE_VERSION |
CVE-2019-17569 |
The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely. |
9.0.30,
7.0.99,
9.0.29,
8.5.50,
8.5.49
|
Patch → NO_SAFE_VERSION |
CVE-2017-7675 |
The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M21 and 8.5.0 to 8.5.15 bypassed a number of security checks that prevented directory traversal attacks. It was therefore possible to bypass security constraints using a specially crafted URL. |
9.0.0.M1,
8.5.8,
8.5.5,
8.5.11,
8.5.9,
8.5.4,
8.5.2,
8.5.15
, 8.5.14, 8.5.0, 9.0.0.M20, 9.0.0.M8, 9.0.0.M17, 8.5.12, 8.5.6, 9.0.0.M11, 9.0.0.M21, 9.0.0.M19, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 8.5.13, 9.0.0.M4, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 8.5.3
|
Patch → NO_SAFE_VERSION |
CVE-2017-7674 |
The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances. |
8.0.28,
9.0.0.M1,
8.5.8,
8.5.5,
8.0.33,
8.0.21,
8.0.0-RC5,
8.0.24
, 8.0.18, 8.5.11, 8.5.9, 8.5.4, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 8.5.2, 8.0.39, 8.0.14, 7.0.53, 7.0.42, 8.5.15, 8.5.14, 8.5.0, 8.0.43, 8.0.30, 8.0.9, 7.0.57, 7.0.64, 7.0.55, 9.0.0.M20, 9.0.0.M8, 9.0.0.M17, 8.5.12, 8.5.6, 7.0.77, 7.0.50, 8.0.41, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 9.0.0.M11, 9.0.0.M21, 9.0.0.M19, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 7.0.78, 7.0.61, 7.0.75, 7.0.63, 7.0.54, 7.0.52, 8.5.13, 9.0.0.M4, 8.0.44, 8.0.0-RC3, 8.0.5, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 8.0.0-RC1, 8.0.0-RC10, 8.0.27, 8.0.26, 7.0.76, 7.0.67, 8.0.42, 8.0.36, 8.5.3, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2017-5664 |
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the original HTTP method. If the error page is a static file, expected behaviour is to serve content of the file as if processing a GET request, regardless of the actual HTTP method. The Default Servlet in Apache Tomcat 9.0.0.M1 to 9.0.0.M20, 8.5.0 to 8.5.14, 8.0.0.RC1 to 8.0.43 and 7.0.0 to 7.0.77 did not do this. Depending on the original request this could lead to unexpected and undesirable results for static error pages including, if the DefaultServlet is configured to permit writes, the replacement or removal of the custom error page. Notes for other user provided error pages: (1) Unless explicitly coded otherwise, JSPs ignore the HTTP method. JSPs used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method. (2) By default, the response generated by a Servlet does depend on the HTTP method. Custom Servlets used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method. |
8.0.28,
9.0.0.M1,
8.5.8,
8.5.5,
8.0.33,
8.0.21,
8.0.24,
8.0.18
, 8.5.11, 8.5.9, 8.5.4, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 8.5.2, 8.0.39, 8.0.14, 7.0.53, 7.0.42, 8.5.14, 8.5.0, 8.0.43, 8.0.30, 8.0.9, 7.0.57, 7.0.64, 7.0.55, 9.0.0.M20, 9.0.0.M8, 9.0.0.M17, 8.5.12, 8.5.6, 7.0.77, 7.0.50, 8.0.41, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 9.0.0.M11, 9.0.0.M19, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 7.0.61, 7.0.75, 7.0.63, 7.0.54, 7.0.52, 8.5.13, 9.0.0.M4, 8.0.5, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 7.0.39, 8.0.27, 8.0.26, 7.0.76, 7.0.67, 8.0.42, 8.0.36, 8.5.3, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2017-5651 |
In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in the same Processor being used for multiple requests which in turn could lead to unexpected errors and/or response mix-up. |
9.0.0.M1,
8.5.8,
8.5.5,
8.5.11,
8.5.9,
8.5.4,
8.5.2,
8.5.0
, 9.0.0.M8, 9.0.0.M17, 8.5.12, 8.5.6, 9.0.0.M11, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.0.M4, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 8.5.3
|
Patch → NO_SAFE_VERSION |
CVE-2017-5650 |
In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the handling of an HTTP/2 GOAWAY frame for a connection did not close streams associated with that connection that were currently waiting for a WINDOW_UPDATE before allowing the application to write more data. These waiting streams each consumed a thread. A malicious client could therefore construct a series of HTTP/2 requests that would consume all available processing threads. |
9.0.0.M1,
8.5.8,
8.5.5,
8.5.11,
8.5.9,
8.5.4,
8.5.2,
8.5.0
, 9.0.0.M8, 9.0.0.M17, 8.5.12, 8.5.6, 9.0.0.M11, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.0.M4, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 8.5.3
|
Patch → NO_SAFE_VERSION |
CVE-2017-5648 |
While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the appropriate facade object. When running an untrusted application under a SecurityManager, it was therefore possible for that untrusted application to retain a reference to the request or response object and thereby access and/or modify information associated with another web application. |
8.0.28,
9.0.0.M1,
8.5.8,
8.5.5,
8.0.33,
8.0.21,
8.0.24,
8.0.18
, 8.5.11, 8.5.9, 8.5.4, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 8.5.2, 8.0.39, 8.0.14, 7.0.53, 7.0.42, 8.5.0, 8.0.30, 8.0.9, 7.0.57, 7.0.64, 7.0.55, 9.0.0.M8, 9.0.0.M17, 8.5.12, 8.5.6, 7.0.50, 8.0.41, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 9.0.0.M11, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 7.0.61, 7.0.75, 7.0.63, 7.0.54, 7.0.52, 9.0.0.M4, 8.0.5, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 7.0.39, 8.0.27, 8.0.26, 7.0.67, 8.0.36, 8.5.3, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2017-5647 |
A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in the pipelined request being lost when send file processing of the previous request completed. This could result in responses appearing to be sent for the wrong request. For example, a user agent that sent requests A, B and C could see the correct response for request A, the response for request C for request B and no response for request C. |
8.0.28,
9.0.0.M1,
8.5.8,
8.5.5,
8.0.33,
8.0.21,
8.0.24,
8.0.18
, 8.5.11, 8.5.9, 8.5.4, 8.0.51, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 8.0.52, 8.5.2, 8.0.53, 8.0.50, 8.0.47, 8.0.39, 8.0.14, 7.0.53, 7.0.42, 8.5.0, 8.0.46, 8.0.43, 8.0.30, 8.0.9, 7.0.57, 7.0.64, 7.0.55, 9.0.0.M8, 9.0.0.M17, 8.5.12, 8.5.6, 7.0.50, 8.0.41, 8.0.45, 8.0.49, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 9.0.0.M11, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 7.0.61, 7.0.75, 7.0.63, 7.0.54, 7.0.52, 9.0.0.M4, 8.0.44, 8.0.5, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 7.0.39, 8.0.27, 8.0.26, 7.0.76, 7.0.67, 8.0.48, 8.0.36, 8.5.3, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2017-15706 |
As part of the fix for bug 61201, the documentation for Apache Tomcat 9.0.0.M22 to 9.0.1, 8.5.16 to 8.5.23, 8.0.45 to 8.0.47 and 7.0.79 to 7.0.82 included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The update was not correct. As a result, some scripts may have failed to execute as expected and other scripts may have been executed unexpectedly. Note that the behaviour of the CGI servlet has remained unchanged in this regard. It is only the documentation of the behaviour that was wrong and has been corrected. |
7.0.81,
9.0.0.M26,
9.0.0.M27,
8.5.21,
8.5.16,
8.0.47,
8.5.19,
8.0.46
, 9.0.0.M22, 9.0.1, 8.5.23, 8.0.45, 8.5.20, 7.0.79, 7.0.82, 9.0.0.M25
|
Patch → NO_SAFE_VERSION |
CVE-2017-12617 |
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server. |
8.0.28,
9.0.0.M1,
8.5.8,
8.5.5,
8.0.33,
8.0.21,
8.0.0-RC5,
8.0.24
, 8.0.18, 8.5.11, 8.5.9, 8.5.4, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.81, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 9.0.0.M26, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 9.0.0.M27, 8.5.21, 8.5.16, 8.5.2, 8.0.39, 8.0.14, 7.0.53, 7.0.42, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 8.0.46, 8.0.43, 8.0.30, 8.0.9, 7.0.57, 7.0.64, 7.0.55, 9.0.0.M22, 9.0.0.M20, 9.0.0.M8, 9.0.0.M17, 8.5.12, 8.5.6, 7.0.77, 7.0.50, 8.0.41, 8.0.45, 8.5.20, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 9.0.0.M11, 9.0.0.M21, 9.0.0.M19, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 7.0.78, 7.0.61, 7.0.75, 7.0.63, 7.0.79, 7.0.54, 7.0.52, 8.5.13, 9.0.0.M4, 8.0.44, 8.0.0-RC3, 8.0.5, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 7.0.76, 7.0.67, 8.0.42, 8.0.36, 8.5.3, 9.0.0.M25, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2016-8747 |
An information disclosure issue was discovered in Apache Tomcat 8.5.7 to 8.5.9 and 9.0.0.M11 to 9.0.0.M15 in reverse-proxy configurations. Http11InputBuffer.java allows remote attackers to read data that was intended to be associated with a different request. |
8.5.8,
8.5.9,
9.0.0.M11,
9.0.0.M13,
9.0.0.M15
|
Patch → NO_SAFE_VERSION |
CVE-2016-8745 |
A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn meant that the same Processor could be used for concurrent requests. Sharing a Processor can result in information leakage between requests including, but not limited to, session ID and the response body. The bug was first noticed in 8.5.x onwards, where it appears the refactoring of the Connector code for 8.5.x onwards made it more likely that the bug was observed. Initially it was thought that the 8.5.x refactoring introduced the bug, but further investigation has shown that the bug is present in all currently supported Tomcat versions. |
8.0.28,
9.0.0.M1,
8.5.8,
8.5.5,
8.0.33,
8.0.21,
8.0.0-RC5,
8.0.24
, 8.0.18, 8.5.4, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 8.5.2, 8.0.39, 8.0.14, 7.0.53, 7.0.42, 8.5.0, 8.0.30, 8.0.9, 7.0.57, 7.0.64, 7.0.55, 9.0.0.M8, 8.5.6, 7.0.50, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 9.0.0.M11, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.0.M3, 9.0.0.M13, 7.0.61, 7.0.63, 7.0.54, 7.0.52, 9.0.0.M4, 8.0.0-RC3, 8.0.5, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 7.0.67, 8.0.36, 8.5.3, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2016-8735 |
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types. |
8.0.28,
9.0.0.M1,
8.5.5,
8.0.33,
8.0.21,
8.0.24,
8.0.18,
8.5.4
, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 8.5.2, 8.0.14, 7.0.53, 7.0.42, 8.5.0, 8.0.30, 8.0.9, 7.0.57, 7.0.64, 7.0.55, 9.0.0.M8, 8.5.6, 7.0.50, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 9.0.0.M11, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.0.M3, 7.0.61, 7.0.63, 7.0.54, 7.0.52, 9.0.0.M4, 8.0.5, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 7.0.39, 8.0.27, 8.0.26, 7.0.67, 8.0.36, 8.5.3, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2016-6817 |
The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and 8.5.0 to 8.5.6 entered an infinite loop if a header was received that was larger than the available buffer. This made a denial of service attack possible. |
9.0.0.M1,
8.5.5,
8.5.4,
8.5.2,
8.5.0,
9.0.0.M8,
8.5.6,
9.0.0.M11
, 9.0.0.M3, 9.0.0.M4, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 8.5.3
|
Patch → NO_SAFE_VERSION |
CVE-2016-6816 |
The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other than their own. |
8.0.28,
9.0.0.M1,
8.5.5,
8.0.33,
8.0.21,
8.0.0-RC5,
8.0.24,
8.0.18
, 8.5.4, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 8.5.2, 8.0.14, 7.0.53, 7.0.42, 8.5.0, 8.0.30, 8.0.9, 7.0.57, 7.0.64, 7.0.55, 9.0.0.M8, 8.5.6, 7.0.50, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 9.0.0.M11, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.0.M3, 7.0.61, 7.0.63, 7.0.54, 7.0.52, 9.0.0.M4, 8.0.0-RC3, 8.0.5, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 7.0.67, 8.0.36, 8.5.3, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2016-6797 |
The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possible for a web application to access any global JNDI resource whether an explicit ResourceLink had been configured or not. |
8.0.28,
9.0.0.M1,
8.0.33,
8.0.21,
8.0.24,
8.0.18,
8.5.4,
8.0.23
, 8.0.22, 8.0.11, 8.0.8, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 8.0.35, 8.0.29, 8.0.3, 8.0.1, 8.5.2, 8.0.14, 7.0.53, 7.0.42, 8.5.0, 8.0.30, 8.0.9, 7.0.57, 7.0.64, 7.0.55, 9.0.0.M8, 7.0.50, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.0.M3, 7.0.61, 7.0.63, 7.0.54, 7.0.52, 9.0.0.M4, 8.0.5, 8.0.17, 9.0.0.M6, 9.0.0.M9, 7.0.35, 7.0.39, 8.0.27, 8.0.26, 7.0.67, 8.0.36, 8.5.3
|
Patch → NO_SAFE_VERSION |
CVE-2016-6796 |
A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet. |
8.0.28,
9.0.0.M1,
8.0.33,
8.0.21,
8.0.0-RC5,
8.0.24,
8.0.18,
8.5.4
, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 8.0.35, 8.0.29, 8.0.3, 8.0.1, 8.5.2, 8.0.14, 8.5.0, 8.0.30, 8.0.9, 9.0.0.M8, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 9.0.0.M3, 9.0.0.M4, 8.0.0-RC3, 8.0.5, 8.0.17, 9.0.0.M6, 9.0.0.M9, 8.0.0-RC1, 8.0.0-RC10, 8.0.27, 8.0.26, 8.0.36, 8.5.3
|
Patch → NO_SAFE_VERSION |
CVE-2016-6794 |
When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70, 6.0.0 to 6.0.45 the system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible. |
8.0.28,
9.0.0.M1,
8.0.33,
8.0.21,
8.0.24,
8.0.18,
8.5.4,
8.0.23
, 8.0.22, 8.0.11, 8.0.8, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 8.0.35, 8.0.29, 8.0.3, 8.0.1, 8.5.2, 8.0.14, 7.0.53, 7.0.42, 8.5.0, 8.0.30, 8.0.9, 7.0.57, 7.0.64, 7.0.55, 9.0.0.M8, 7.0.50, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.0.M3, 7.0.61, 7.0.63, 7.0.54, 7.0.52, 9.0.0.M4, 8.0.5, 8.0.17, 9.0.0.M6, 9.0.0.M9, 7.0.35, 7.0.39, 8.0.27, 8.0.26, 7.0.67, 8.0.36, 8.5.3
|
Patch → NO_SAFE_VERSION |
CVE-2016-5388 |
Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. NOTE: the vendor states "A mitigation is planned for future releases of Tomcat, tracked as CVE-2016-5388"; in other words, this is not a CVE ID for a vulnerability. |
8.0.28,
8.0.33,
8.0.21,
8.0.0-RC5,
8.0.24,
8.0.18,
8.5.4,
8.0.51
, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 8.0.52, 8.5.2, 8.0.53, 8.0.50, 8.0.47, 8.0.39, 8.0.14, 7.0.53, 7.0.42, 8.5.0, 8.0.46, 8.0.43, 8.0.30, 8.0.9, 7.0.57, 7.0.64, 7.0.55, 7.0.50, 8.0.41, 8.0.45, 8.0.49, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 7.0.61, 7.0.63, 7.0.54, 7.0.52, 8.0.44, 8.0.0-RC3, 8.0.5, 8.0.17, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 7.0.67, 8.0.42, 8.0.48, 8.0.36, 8.5.3
|
Patch → NO_SAFE_VERSION |
CVE-2016-5018 |
In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications. |
8.0.28,
9.0.0.M1,
8.0.33,
8.0.21,
8.0.0-RC5,
8.0.24,
8.0.18,
8.5.4
, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 8.0.35, 8.0.29, 8.0.3, 8.0.1, 8.5.2, 8.0.14, 7.0.53, 7.0.42, 8.5.0, 8.0.30, 8.0.9, 7.0.57, 7.0.64, 7.0.55, 9.0.0.M8, 7.0.50, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.0.M3, 7.0.61, 7.0.63, 7.0.54, 7.0.52, 9.0.0.M4, 8.0.0-RC3, 8.0.5, 8.0.17, 9.0.0.M6, 9.0.0.M9, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 7.0.67, 8.0.36, 8.5.3
|
Patch → NO_SAFE_VERSION |
CVE-2016-0763 |
The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, which allows remote authenticated users to bypass intended SecurityManager restrictions and read or write to arbitrary application data, or cause a denial of service (application disruption), via a web application that sets a crafted global context. |
8.0.28,
9.0.0.M1,
8.0.21,
8.0.24,
8.0.18,
8.0.23,
8.0.22,
8.0.11
, 8.0.8, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 8.0.29, 8.0.3, 8.0.1, 8.0.14, 7.0.53, 7.0.42, 8.0.30, 8.0.9, 7.0.57, 7.0.64, 7.0.55, 7.0.50, 8.0.12, 8.0.15, 8.0.20, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 7.0.61, 7.0.63, 7.0.54, 7.0.52, 8.0.5, 8.0.17, 7.0.35, 7.0.39, 8.0.27, 8.0.26, 7.0.67
|
Patch → NO_SAFE_VERSION |
CVE-2016-0762 |
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder. |
8.0.28,
9.0.0.M1,
8.0.33,
8.0.21,
8.0.0-RC5,
8.0.24,
8.0.18,
8.5.4
, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 8.0.35, 8.0.29, 8.0.3, 8.0.1, 8.5.2, 8.0.14, 7.0.53, 7.0.42, 8.5.0, 8.0.30, 8.0.9, 7.0.57, 7.0.64, 7.0.55, 9.0.0.M8, 7.0.50, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.0.M3, 7.0.61, 7.0.63, 7.0.54, 7.0.52, 9.0.0.M4, 8.0.0-RC3, 8.0.5, 8.0.17, 9.0.0.M6, 9.0.0.M9, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 7.0.67, 8.0.36, 8.5.3
|
Patch → NO_SAFE_VERSION |
CVE-2016-0714 |
The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary code in a privileged context via a web application that places a crafted object in a session. |
8.0.28,
9.0.0.M1,
8.0.21,
8.0.0-RC5,
8.0.24,
8.0.18,
8.0.23,
8.0.22
, 8.0.11, 8.0.8, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 8.0.29, 8.0.3, 8.0.1, 8.0.14, 7.0.53, 7.0.42, 8.0.30, 8.0.9, 7.0.57, 7.0.64, 7.0.55, 7.0.50, 8.0.12, 8.0.15, 8.0.20, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 7.0.61, 7.0.63, 7.0.54, 7.0.52, 8.0.0-RC3, 8.0.5, 8.0.17, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 7.0.67
|
Patch → NO_SAFE_VERSION |
CVE-2016-0706 |
Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catalina/core/RestrictedServlets.properties list, which allows remote authenticated users to bypass intended SecurityManager restrictions and read arbitrary HTTP requests, and consequently discover session ID values, via a crafted web application. |
8.0.28,
9.0.0.M1,
8.0.21,
8.0.0-RC5,
8.0.24,
8.0.18,
8.0.23,
8.0.22
, 8.0.11, 8.0.8, 8.0.29, 8.0.3, 8.0.1, 8.0.14, 8.0.30, 8.0.9, 8.0.12, 8.0.15, 8.0.20, 8.0.0-RC3, 8.0.5, 8.0.17, 8.0.0-RC1, 8.0.0-RC10, 8.0.27, 8.0.26
|
Patch → NO_SAFE_VERSION |
CVE-2015-5351 |
The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protection mechanism by using a token. |
8.0.28,
9.0.0.M1,
8.0.21,
8.0.24,
8.0.18,
8.0.23,
8.0.22,
8.0.11
, 8.0.8, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 8.0.29, 8.0.3, 8.0.1, 8.0.14, 7.0.53, 7.0.42, 8.0.30, 8.0.9, 7.0.57, 7.0.64, 7.0.55, 7.0.50, 8.0.12, 8.0.15, 8.0.20, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 7.0.61, 7.0.63, 7.0.54, 7.0.52, 8.0.5, 8.0.17, 7.0.35, 7.0.39, 8.0.27, 8.0.26, 7.0.67
|
Patch → NO_SAFE_VERSION |
CVE-2015-5346 |
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java. |
8.0.28,
9.0.0.M1,
8.0.21,
8.0.0-RC5,
8.0.24,
8.0.18,
8.0.23,
8.0.22
, 8.0.11, 8.0.8, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 8.0.29, 8.0.3, 8.0.1, 8.0.14, 7.0.53, 7.0.42, 8.0.30, 8.0.9, 7.0.57, 7.0.64, 7.0.55, 7.0.50, 8.0.12, 8.0.15, 8.0.20, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 7.0.61, 7.0.63, 7.0.54, 7.0.52, 8.0.0-RC3, 8.0.5, 8.0.17, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26
|
Patch → NO_SAFE_VERSION |
CVE-2015-5345 |
The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing / (slash) character. |
8.0.28,
9.0.0.M1,
8.0.21,
8.0.0-RC5,
8.0.24,
8.0.18,
8.0.23,
8.0.22
, 8.0.11, 8.0.8, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 8.0.29, 8.0.3, 8.0.1, 8.0.14, 7.0.53, 7.0.42, 8.0.9, 7.0.57, 7.0.64, 7.0.55, 7.0.50, 8.0.12, 8.0.15, 8.0.20, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 7.0.61, 7.0.63, 7.0.54, 7.0.52, 8.0.0-RC3, 8.0.5, 8.0.17, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 7.0.67
|
Patch → NO_SAFE_VERSION |
CVE-2015-5174 |
Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call, as demonstrated by the $CATALINA_BASE/webapps directory. |
8.0.21,
8.0.0-RC5,
8.0.24,
8.0.18,
8.0.23,
8.0.22,
8.0.11,
8.0.8
, 7.0.59, 7.0.47, 7.0.40, 8.0.3, 8.0.1, 8.0.14, 7.0.53, 7.0.42, 8.0.9, 7.0.57, 7.0.64, 7.0.55, 7.0.50, 8.0.12, 8.0.15, 8.0.20, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 7.0.61, 7.0.63, 7.0.54, 7.0.52, 8.0.0-RC3, 8.0.5, 8.0.17, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.26
|
Patch → NO_SAFE_VERSION |
CVE-2014-7810 |
The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation. |
8.0.11,
8.0.8,
7.0.47,
7.0.40,
8.0.3,
8.0.1,
8.0.14,
7.0.53
, 7.0.42, 8.0.9, 7.0.57, 7.0.55, 7.0.50, 8.0.12, 8.0.15, 7.0.56, 7.0.41, 7.0.37, 7.0.54, 7.0.52, 8.0.5, 7.0.35, 7.0.39
|
Patch → NO_SAFE_VERSION |
CVE-2014-0230 |
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts. |
8.0.8,
7.0.47,
7.0.40,
8.0.3,
8.0.1,
7.0.53,
7.0.42,
7.0.50
, 7.0.41, 7.0.37, 7.0.54, 7.0.52, 8.0.5, 7.0.35, 7.0.39
|
Patch → NO_SAFE_VERSION |
CVE-2014-0227 |
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks or cause a denial of service (resource consumption) by streaming data with malformed chunked transfer coding. |
8.0.8,
7.0.47,
7.0.40,
8.0.3,
8.0.1,
7.0.53,
7.0.42,
7.0.50
, 7.0.41, 7.0.37, 7.0.54, 7.0.52, 8.0.5, 7.0.35, 7.0.39
|
Patch → NO_SAFE_VERSION |
CVE-2014-0119 |
Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, or (2) read files associated with different web applications on a single Tomcat instance via a crafted web application. |
7.0.47,
7.0.40,
8.0.3,
8.0.1,
7.0.53,
7.0.42,
7.0.50,
7.0.41
, 7.0.37, 7.0.52, 8.0.5, 7.0.35, 7.0.39
|
Patch → NO_SAFE_VERSION |
CVE-2014-0099 |
Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header. |
7.0.47,
7.0.40,
8.0.3,
8.0.1,
7.0.53,
7.0.42,
7.0.50,
7.0.41
, 7.0.37, 7.0.52, 8.0.5, 7.0.35, 7.0.39
|
Patch → NO_SAFE_VERSION |
CVE-2014-0096 |
java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. |
7.0.47,
7.0.40,
8.0.3,
8.0.1,
7.0.53,
7.0.42,
7.0.50,
7.0.41
, 7.0.37, 7.0.52, 8.0.5, 7.0.35, 7.0.39
|
Patch → NO_SAFE_VERSION |
CVE-2014-0075 |
Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data. |
7.0.47,
7.0.40,
8.0.3,
8.0.1,
7.0.42,
7.0.50,
7.0.41,
7.0.37
, 7.0.52, 7.0.35, 7.0.39
|
Patch → NO_SAFE_VERSION |
CVE-2014-0050 |
MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions. |
8.0.0-RC5,
7.0.47,
7.0.40,
8.0.1,
7.0.42,
7.0.50,
7.0.41,
7.0.37
, 8.0.0-RC3, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10
|
Patch → NO_SAFE_VERSION |
CVE-2013-4590 |
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. |
8.0.0-RC5,
7.0.47,
7.0.40,
7.0.42,
7.0.41,
7.0.37,
8.0.0-RC3,
7.0.35
, 8.0.0-RC1, 7.0.39
|
Patch → NO_SAFE_VERSION |
CVE-2013-4444 |
Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file. |
7.0.37,
7.0.35,
7.0.39
|
Patch → NO_SAFE_VERSION |
CVE-2013-4322 |
Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544. |
8.0.0-RC5,
7.0.47,
7.0.40,
7.0.42,
7.0.41,
7.0.37,
8.0.0-RC3,
7.0.35
, 8.0.0-RC1, 7.0.39
|
Patch → NO_SAFE_VERSION |
CVE-2013-4286 |
Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a "Transfer-Encoding: chunked" header. NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090. |
7.0.40,
7.0.42,
7.0.41,
7.0.37,
7.0.35,
8.0.0-RC1,
7.0.39
|
Patch → NO_SAFE_VERSION |
CVE-2013-2185 |
The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186. NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue. |
7.0.37,
7.0.35,
7.0.39
|
Patch → NO_SAFE_VERSION |
CVE-2013-2071 |
java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other applications in opportunistic circumstances via an application that records the requests that it processes. |
7.0.37,
7.0.35,
7.0.39
|
Patch → NO_SAFE_VERSION |
CVE-2007-6286 |
Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to send the empty request. |
9.0.68,
11.0.0-M1,
11.0.0-M16,
10.0.0-M1,
11.0.0,
10.1.31,
9.0.96,
9.0.64
, 10.1.30, 11.0.0-M13, 11.0.0-M26, 8.0.28, 10.1.29, 9.0.95, 11.0.0-M25, 9.0.94, 10.1.11, 11.0.0-M9, 11.0.0-M7, 11.0.0-M24, 10.1.28, 9.0.93, 10.1.0-M17, 11.0.0-M22, 10.1.26, 9.0.91, 10.1.0-M8, 10.1.0-M11, 11.0.0-M21, 10.1.25, 9.0.90, 11.0.0-M20, 10.1.24, 11.0.0-M10, 9.0.89, 11.0.0-M4, 10.1.20, 11.0.0-M19, 10.1.23, 9.0.88, 9.0.0.M1, 8.5.100, 8.5.99, 9.0.87, 9.0.76, 9.0.83, 8.5.96, 9.0.62, 11.0.0-M12, 11.0.0-M11, 10.1.15, 10.1.14, 10.1.13, 10.1.12, 9.0.82, 9.0.80, 9.0.81, 9.0.79, 8.5.95, 8.5.94, 8.5.93, 8.5.92, 8.5.82, 8.5.78, 8.5.79, 8.5.76, 8.5.69, 8.5.66, 8.5.58, 8.5.54, 8.5.38, 8.5.30, 8.5.8, 8.5.24, 8.5.28, 8.5.5, 8.0.33, 8.0.21, 8.0.0-RC5, 7.0.104, 8.0.24, 8.0.18, 8.5.64, 8.5.11, 8.5.9, 8.5.4, 8.0.51, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.81, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 11.0.0-M3, 10.1.0-M2, 10.1.0-M12, 9.0.0.M26, 8.5.70, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 10.1.0, 10.0.0, 9.0.72, 9.0.60, 9.0.37, 9.0.30, 9.0.0.M27, 8.5.90, 8.5.45, 8.5.39, 8.5.21, 8.0.52, 8.5.16, 7.0.86, 8.5.2, 8.0.53, 8.0.50, 8.0.47, 8.0.39, 8.0.14, 7.0.106, 7.0.99, 7.0.94, 7.0.92, 7.0.85, 7.0.53, 7.0.42, 10.0.4, 9.0.74, 9.0.58, 9.0.6, 8.5.87, 8.5.63, 8.5.51, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 8.0.46, 8.0.43, 8.0.30, 8.0.9, 7.0.91, 7.0.57, 7.0.96, 7.0.100, 7.0.105, 7.0.107, 7.0.109, 9.0.20, 9.0.27, 9.0.75, 10.0.0-M7, 10.0.2, 10.0.5, 10.0.6, 10.0.23, 10.1.8, 11.0.0-M5, 7.0.64, 7.0.55, 11.0.0-M18, 10.1.19, 11.0.0-M17, 9.0.86, 11.0.0-M15, 10.1.18, 10.1.17, 9.0.85, 9.0.84, 8.5.98, 8.5.97, 11.0.0-M14, 10.1.16, 10.0.16, 10.0.10, 9.0.73, 9.0.59, 9.0.56, 9.0.54, 9.0.48, 9.0.41, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.0.M22, 9.0.0.M20, 9.0.14, 8.5.86, 11.0.0-M6, 8.5.83, 10.1.6, 10.1.0-M16, 10.1.0-M5, 10.0.26, 9.0.69, 10.0.0-M8, 9.0.53, 9.0.43, 9.0.13, 9.0.0.M8, 9.0.33, 9.0.35, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 10.1.10, 9.0.78, 9.0.70, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 9.0.0.M17, 8.5.91, 8.5.85, 8.5.75, 8.5.72, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 10.1.9, 10.0.27, 10.0.8, 7.0.77, 7.0.50, 8.5.89, 
7.0.84, 7.0.90, 8.0.41, 8.0.45, 8.0.49, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.5.53, 8.5.55, 8.5.65, 8.5.68, 9.0.55, 9.0.63, 9.0.65, 9.0.67, 9.0.71, 10.0.0-M3, 10.0.0-M4, 10.0.0-M6, 10.0.7, 10.0.13, 10.0.17, 10.0.20, 10.0.21, 10.0.22, 10.1.0-M7, 10.1.0-M14, 10.1.5, 10.1.7, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 8.5.56, 8.5.57, 8.5.59, 8.5.60, 8.5.71, 8.5.73, 8.5.77, 8.5.84, 8.5.88, 9.0.0.M11, 9.0.0.M21, 7.0.88, 9.0.0.M19, 9.0.34, 10.0.14, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.2, 9.0.4, 9.0.7, 9.0.40, 8.5.81, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.31, 9.0.36, 9.0.38, 9.0.39, 9.0.44, 9.0.45, 9.0.46, 9.0.50, 9.0.52, 10.0.18, 10.1.1, 10.1.2, 7.0.78, 7.0.61, 7.0.75, 7.0.63, 10.1.4, 10.1.0-M1, 7.0.79, 7.0.54, 7.0.52, 7.0.108, 8.5.13, 10.1.0-M10, 10.1.0-M15, 8.5.33, 8.5.42, 9.0.0.M4, 8.0.44, 8.0.0-RC3, 8.0.5, 7.0.82, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 10.0.11, 10.1.0-M4, 7.0.76, 7.0.67, 8.5.32, 7.0.103, 8.0.42, 8.0.48, 7.0.93, 8.5.41, 9.0.19, 8.0.36, 8.5.3, 9.0.0.M25, 8.5.61, 10.0.0-M10, 10.0.0-M9, 10.0.0-M5, 10.0.12, 10.1.0-M6, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2007-4724 |
Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the calendar examples application in Apache Tomcat 4.1.31 allows remote attackers to add events as arbitrary users via the time and description parameters. |
9.0.68,
11.0.0-M1,
11.0.0-M16,
10.0.0-M1,
11.0.0,
10.1.31,
9.0.96,
9.0.64
, 10.1.30, 11.0.0-M13, 11.0.0-M26, 8.0.28, 10.1.29, 9.0.95, 11.0.0-M25, 9.0.94, 10.1.11, 11.0.0-M9, 11.0.0-M7, 11.0.0-M24, 10.1.28, 9.0.93, 10.1.0-M17, 11.0.0-M22, 10.1.26, 9.0.91, 10.1.0-M8, 10.1.0-M11, 11.0.0-M21, 10.1.25, 9.0.90, 11.0.0-M20, 10.1.24, 11.0.0-M10, 9.0.89, 11.0.0-M4, 10.1.20, 11.0.0-M19, 10.1.23, 9.0.88, 9.0.0.M1, 8.5.100, 8.5.99, 9.0.87, 9.0.76, 9.0.83, 8.5.96, 9.0.62, 11.0.0-M12, 11.0.0-M11, 10.1.15, 10.1.14, 10.1.13, 10.1.12, 9.0.82, 9.0.80, 9.0.81, 9.0.79, 8.5.95, 8.5.94, 8.5.93, 8.5.92, 8.5.82, 8.5.78, 8.5.79, 8.5.76, 8.5.69, 8.5.66, 8.5.58, 8.5.54, 8.5.38, 8.5.30, 8.5.8, 8.5.24, 8.5.28, 8.5.5, 8.0.33, 8.0.21, 8.0.0-RC5, 7.0.104, 8.0.24, 8.0.18, 8.5.64, 8.5.11, 8.5.9, 8.5.4, 8.0.51, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.81, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 11.0.0-M3, 10.1.0-M2, 10.1.0-M12, 9.0.0.M26, 8.5.70, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 10.1.0, 10.0.0, 9.0.72, 9.0.60, 9.0.37, 9.0.30, 9.0.0.M27, 8.5.90, 8.5.45, 8.5.39, 8.5.21, 8.0.52, 8.5.16, 7.0.86, 8.5.2, 8.0.53, 8.0.50, 8.0.47, 8.0.39, 8.0.14, 7.0.106, 7.0.99, 7.0.94, 7.0.92, 7.0.85, 7.0.53, 7.0.42, 10.0.4, 9.0.74, 9.0.58, 9.0.6, 8.5.87, 8.5.63, 8.5.51, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 8.0.46, 8.0.43, 8.0.30, 8.0.9, 7.0.91, 7.0.57, 7.0.96, 7.0.100, 7.0.105, 7.0.107, 7.0.109, 9.0.20, 9.0.27, 9.0.75, 10.0.0-M7, 10.0.2, 10.0.5, 10.0.6, 10.0.23, 10.1.8, 11.0.0-M5, 7.0.64, 7.0.55, 11.0.0-M18, 10.1.19, 11.0.0-M17, 9.0.86, 11.0.0-M15, 10.1.18, 10.1.17, 9.0.85, 9.0.84, 8.5.98, 8.5.97, 11.0.0-M14, 10.1.16, 10.0.16, 10.0.10, 9.0.73, 9.0.59, 9.0.56, 9.0.54, 9.0.48, 9.0.41, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.0.M22, 9.0.0.M20, 9.0.14, 8.5.86, 11.0.0-M6, 8.5.83, 10.1.6, 10.1.0-M16, 10.1.0-M5, 10.0.26, 9.0.69, 10.0.0-M8, 9.0.53, 9.0.43, 9.0.13, 9.0.0.M8, 9.0.33, 9.0.35, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 10.1.10, 9.0.78, 9.0.70, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 9.0.0.M17, 8.5.91, 8.5.85, 8.5.75, 8.5.72, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 10.1.9, 10.0.27, 10.0.8, 7.0.77, 7.0.50, 8.5.89, 
7.0.84, 7.0.90, 8.0.41, 8.0.45, 8.0.49, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.5.53, 8.5.55, 8.5.65, 8.5.68, 9.0.55, 9.0.63, 9.0.65, 9.0.67, 9.0.71, 10.0.0-M3, 10.0.0-M4, 10.0.0-M6, 10.0.7, 10.0.13, 10.0.17, 10.0.20, 10.0.21, 10.0.22, 10.1.0-M7, 10.1.0-M14, 10.1.5, 10.1.7, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 8.5.56, 8.5.57, 8.5.59, 8.5.60, 8.5.71, 8.5.73, 8.5.77, 8.5.84, 8.5.88, 9.0.0.M11, 9.0.0.M21, 7.0.88, 9.0.0.M19, 9.0.34, 10.0.14, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.2, 9.0.4, 9.0.7, 9.0.40, 8.5.81, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.31, 9.0.36, 9.0.38, 9.0.39, 9.0.44, 9.0.45, 9.0.46, 9.0.50, 9.0.52, 10.0.18, 10.1.1, 10.1.2, 7.0.78, 7.0.61, 7.0.75, 7.0.63, 10.1.4, 10.1.0-M1, 7.0.79, 7.0.54, 7.0.52, 7.0.108, 8.5.13, 10.1.0-M10, 10.1.0-M15, 8.5.33, 8.5.42, 9.0.0.M4, 8.0.44, 8.0.0-RC3, 8.0.5, 7.0.82, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 10.0.11, 10.1.0-M4, 7.0.76, 7.0.67, 8.5.32, 7.0.103, 8.0.42, 8.0.48, 7.0.93, 8.5.41, 9.0.19, 8.0.36, 8.5.3, 9.0.0.M25, 8.5.61, 10.0.0-M10, 10.0.0-M9, 10.0.0-M5, 10.0.12, 10.1.0-M6, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2007-3385 |
Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and enable session hijacking attacks. |
9.0.68,
11.0.0-M1,
11.0.0-M16,
10.0.0-M1,
11.0.0,
10.1.31,
9.0.96,
9.0.64
, 10.1.30, 11.0.0-M13, 11.0.0-M26, 8.0.28, 10.1.29, 9.0.95, 11.0.0-M25, 9.0.94, 10.1.11, 11.0.0-M9, 11.0.0-M7, 11.0.0-M24, 10.1.28, 9.0.93, 10.1.0-M17, 11.0.0-M22, 10.1.26, 9.0.91, 10.1.0-M8, 10.1.0-M11, 11.0.0-M21, 10.1.25, 9.0.90, 11.0.0-M20, 10.1.24, 11.0.0-M10, 9.0.89, 11.0.0-M4, 10.1.20, 11.0.0-M19, 10.1.23, 9.0.88, 9.0.0.M1, 8.5.100, 8.5.99, 9.0.87, 9.0.76, 9.0.83, 8.5.96, 9.0.62, 11.0.0-M12, 11.0.0-M11, 10.1.15, 10.1.14, 10.1.13, 10.1.12, 9.0.82, 9.0.80, 9.0.81, 9.0.79, 8.5.95, 8.5.94, 8.5.93, 8.5.92, 8.5.82, 8.5.78, 8.5.79, 8.5.76, 8.5.69, 8.5.66, 8.5.58, 8.5.54, 8.5.38, 8.5.30, 8.5.8, 8.5.24, 8.5.28, 8.5.5, 8.0.33, 8.0.21, 8.0.0-RC5, 7.0.104, 8.0.24, 8.0.18, 8.5.64, 8.5.11, 8.5.9, 8.5.4, 8.0.51, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.81, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 11.0.0-M3, 10.1.0-M2, 10.1.0-M12, 9.0.0.M26, 8.5.70, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 10.1.0, 10.0.0, 9.0.72, 9.0.60, 9.0.37, 9.0.30, 9.0.0.M27, 8.5.90, 8.5.45, 8.5.39, 8.5.21, 8.0.52, 8.5.16, 7.0.86, 8.5.2, 8.0.53, 8.0.50, 8.0.47, 8.0.39, 8.0.14, 7.0.106, 7.0.99, 7.0.94, 7.0.92, 7.0.85, 7.0.53, 7.0.42, 10.0.4, 9.0.74, 9.0.58, 9.0.6, 8.5.87, 8.5.63, 8.5.51, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 8.0.46, 8.0.43, 8.0.30, 8.0.9, 7.0.91, 7.0.57, 7.0.96, 7.0.100, 7.0.105, 7.0.107, 7.0.109, 9.0.20, 9.0.27, 9.0.75, 10.0.0-M7, 10.0.2, 10.0.5, 10.0.6, 10.0.23, 10.1.8, 11.0.0-M5, 7.0.64, 7.0.55, 11.0.0-M18, 10.1.19, 11.0.0-M17, 9.0.86, 11.0.0-M15, 10.1.18, 10.1.17, 9.0.85, 9.0.84, 8.5.98, 8.5.97, 11.0.0-M14, 10.1.16, 10.0.16, 10.0.10, 9.0.73, 9.0.59, 9.0.56, 9.0.54, 9.0.48, 9.0.41, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.0.M22, 9.0.0.M20, 9.0.14, 8.5.86, 11.0.0-M6, 8.5.83, 10.1.6, 10.1.0-M16, 10.1.0-M5, 10.0.26, 9.0.69, 10.0.0-M8, 9.0.53, 9.0.43, 9.0.13, 9.0.0.M8, 9.0.33, 9.0.35, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 10.1.10, 9.0.78, 9.0.70, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 9.0.0.M17, 8.5.91, 8.5.85, 8.5.75, 8.5.72, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 10.1.9, 10.0.27, 10.0.8, 7.0.77, 7.0.50, 8.5.89, 
7.0.84, 7.0.90, 8.0.41, 8.0.45, 8.0.49, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.5.53, 8.5.55, 8.5.65, 8.5.68, 9.0.55, 9.0.63, 9.0.65, 9.0.67, 9.0.71, 10.0.0-M3, 10.0.0-M4, 10.0.0-M6, 10.0.7, 10.0.13, 10.0.17, 10.0.20, 10.0.21, 10.0.22, 10.1.0-M7, 10.1.0-M14, 10.1.5, 10.1.7, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 8.5.56, 8.5.57, 8.5.59, 8.5.60, 8.5.71, 8.5.73, 8.5.77, 8.5.84, 8.5.88, 9.0.0.M11, 9.0.0.M21, 7.0.88, 9.0.0.M19, 9.0.34, 10.0.14, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.2, 9.0.4, 9.0.7, 9.0.40, 8.5.81, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.31, 9.0.36, 9.0.38, 9.0.39, 9.0.44, 9.0.45, 9.0.46, 9.0.50, 9.0.52, 10.0.18, 10.1.1, 10.1.2, 7.0.78, 7.0.61, 7.0.75, 7.0.63, 10.1.4, 10.1.0-M1, 7.0.79, 7.0.54, 7.0.52, 7.0.108, 8.5.13, 10.1.0-M10, 10.1.0-M15, 8.5.33, 8.5.42, 9.0.0.M4, 8.0.44, 8.0.0-RC3, 8.0.5, 7.0.82, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 10.0.11, 10.1.0-M4, 7.0.76, 7.0.67, 8.5.32, 7.0.103, 8.0.42, 8.0.48, 7.0.93, 8.5.41, 9.0.19, 8.0.36, 8.5.3, 9.0.0.M25, 8.5.61, 10.0.0-M10, 10.0.0-M9, 10.0.0-M5, 10.0.12, 10.1.0-M6, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2007-3384 |
Multiple cross-site scripting (XSS) vulnerabilities in examples/servlet/CookieExample in Apache Tomcat 3.3 through 3.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Value field, related to error messages. |
9.0.68,
11.0.0-M1,
11.0.0-M16,
10.0.0-M1,
11.0.0,
10.1.31,
9.0.96,
9.0.64
, 10.1.30, 11.0.0-M13, 11.0.0-M26, 8.0.28, 10.1.29, 9.0.95, 11.0.0-M25, 9.0.94, 10.1.11, 11.0.0-M9, 11.0.0-M7, 11.0.0-M24, 10.1.28, 9.0.93, 10.1.0-M17, 11.0.0-M22, 10.1.26, 9.0.91, 10.1.0-M8, 10.1.0-M11, 11.0.0-M21, 10.1.25, 9.0.90, 11.0.0-M20, 10.1.24, 11.0.0-M10, 9.0.89, 11.0.0-M4, 10.1.20, 11.0.0-M19, 10.1.23, 9.0.88, 9.0.0.M1, 8.5.100, 8.5.99, 9.0.87, 9.0.76, 9.0.83, 8.5.96, 9.0.62, 11.0.0-M12, 11.0.0-M11, 10.1.15, 10.1.14, 10.1.13, 10.1.12, 9.0.82, 9.0.80, 9.0.81, 9.0.79, 8.5.95, 8.5.94, 8.5.93, 8.5.92, 8.5.82, 8.5.78, 8.5.79, 8.5.76, 8.5.69, 8.5.66, 8.5.58, 8.5.54, 8.5.38, 8.5.30, 8.5.8, 8.5.24, 8.5.28, 8.5.5, 8.0.33, 8.0.21, 8.0.0-RC5, 7.0.104, 8.0.24, 8.0.18, 8.5.64, 8.5.11, 8.5.9, 8.5.4, 8.0.51, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.81, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 11.0.0-M3, 10.1.0-M2, 10.1.0-M12, 9.0.0.M26, 8.5.70, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 10.1.0, 10.0.0, 9.0.72, 9.0.60, 9.0.37, 9.0.30, 9.0.0.M27, 8.5.90, 8.5.45, 8.5.39, 8.5.21, 8.0.52, 8.5.16, 7.0.86, 8.5.2, 8.0.53, 8.0.50, 8.0.47, 8.0.39, 8.0.14, 7.0.106, 7.0.99, 7.0.94, 7.0.92, 7.0.85, 7.0.53, 7.0.42, 10.0.4, 9.0.74, 9.0.58, 9.0.6, 8.5.87, 8.5.63, 8.5.51, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 8.0.46, 8.0.43, 8.0.30, 8.0.9, 7.0.91, 7.0.57, 7.0.96, 7.0.100, 7.0.105, 7.0.107, 7.0.109, 9.0.20, 9.0.27, 9.0.75, 10.0.0-M7, 10.0.2, 10.0.5, 10.0.6, 10.0.23, 10.1.8, 11.0.0-M5, 7.0.64, 7.0.55, 11.0.0-M18, 10.1.19, 11.0.0-M17, 9.0.86, 11.0.0-M15, 10.1.18, 10.1.17, 9.0.85, 9.0.84, 8.5.98, 8.5.97, 11.0.0-M14, 10.1.16, 10.0.16, 10.0.10, 9.0.73, 9.0.59, 9.0.56, 9.0.54, 9.0.48, 9.0.41, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.0.M22, 9.0.0.M20, 9.0.14, 8.5.86, 11.0.0-M6, 8.5.83, 10.1.6, 10.1.0-M16, 10.1.0-M5, 10.0.26, 9.0.69, 10.0.0-M8, 9.0.53, 9.0.43, 9.0.13, 9.0.0.M8, 9.0.33, 9.0.35, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 10.1.10, 9.0.78, 9.0.70, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 9.0.0.M17, 8.5.91, 8.5.85, 8.5.75, 8.5.72, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 10.1.9, 10.0.27, 10.0.8, 7.0.77, 7.0.50, 8.5.89, 
7.0.84, 7.0.90, 8.0.41, 8.0.45, 8.0.49, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.5.53, 8.5.55, 8.5.65, 8.5.68, 9.0.55, 9.0.63, 9.0.65, 9.0.67, 9.0.71, 10.0.0-M3, 10.0.0-M4, 10.0.0-M6, 10.0.7, 10.0.13, 10.0.17, 10.0.20, 10.0.21, 10.0.22, 10.1.0-M7, 10.1.0-M14, 10.1.5, 10.1.7, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 8.5.56, 8.5.57, 8.5.59, 8.5.60, 8.5.71, 8.5.73, 8.5.77, 8.5.84, 8.5.88, 9.0.0.M11, 9.0.0.M21, 7.0.88, 9.0.0.M19, 9.0.34, 10.0.14, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.2, 9.0.4, 9.0.7, 9.0.40, 8.5.81, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.31, 9.0.36, 9.0.38, 9.0.39, 9.0.44, 9.0.45, 9.0.46, 9.0.50, 9.0.52, 10.0.18, 10.1.1, 10.1.2, 7.0.78, 7.0.61, 7.0.75, 7.0.63, 10.1.4, 10.1.0-M1, 7.0.79, 7.0.54, 7.0.52, 7.0.108, 8.5.13, 10.1.0-M10, 10.1.0-M15, 8.5.33, 8.5.42, 9.0.0.M4, 8.0.44, 8.0.0-RC3, 8.0.5, 7.0.82, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 10.0.11, 10.1.0-M4, 7.0.76, 7.0.67, 8.5.32, 7.0.103, 8.0.42, 8.0.48, 7.0.93, 8.5.41, 9.0.19, 8.0.36, 8.5.3, 9.0.0.M25, 8.5.61, 10.0.0-M10, 10.0.0-M9, 10.0.0-M5, 10.0.12, 10.1.0-M6, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2007-3383 |
Cross-site scripting (XSS) vulnerability in SendMailServlet in the examples web application (examples/jsp/mail/sendmail.jsp) in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, related to generation of error messages. |
9.0.68,
11.0.0-M1,
11.0.0-M16,
10.0.0-M1,
11.0.0,
10.1.31,
9.0.96,
9.0.64
, 10.1.30, 11.0.0-M13, 11.0.0-M26, 8.0.28, 10.1.29, 9.0.95, 11.0.0-M25, 9.0.94, 10.1.11, 11.0.0-M9, 11.0.0-M7, 11.0.0-M24, 10.1.28, 9.0.93, 10.1.0-M17, 11.0.0-M22, 10.1.26, 9.0.91, 10.1.0-M8, 10.1.0-M11, 11.0.0-M21, 10.1.25, 9.0.90, 11.0.0-M20, 10.1.24, 11.0.0-M10, 9.0.89, 11.0.0-M4, 10.1.20, 11.0.0-M19, 10.1.23, 9.0.88, 9.0.0.M1, 8.5.100, 8.5.99, 9.0.87, 9.0.76, 9.0.83, 8.5.96, 9.0.62, 11.0.0-M12, 11.0.0-M11, 10.1.15, 10.1.14, 10.1.13, 10.1.12, 9.0.82, 9.0.80, 9.0.81, 9.0.79, 8.5.95, 8.5.94, 8.5.93, 8.5.92, 8.5.82, 8.5.78, 8.5.79, 8.5.76, 8.5.69, 8.5.66, 8.5.58, 8.5.54, 8.5.38, 8.5.30, 8.5.8, 8.5.24, 8.5.28, 8.5.5, 8.0.33, 8.0.21, 8.0.0-RC5, 7.0.104, 8.0.24, 8.0.18, 8.5.64, 8.5.11, 8.5.9, 8.5.4, 8.0.51, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.81, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 11.0.0-M3, 10.1.0-M2, 10.1.0-M12, 9.0.0.M26, 8.5.70, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 10.1.0, 10.0.0, 9.0.72, 9.0.60, 9.0.37, 9.0.30, 9.0.0.M27, 8.5.90, 8.5.45, 8.5.39, 8.5.21, 8.0.52, 8.5.16, 7.0.86, 8.5.2, 8.0.53, 8.0.50, 8.0.47, 8.0.39, 8.0.14, 7.0.106, 7.0.99, 7.0.94, 7.0.92, 7.0.85, 7.0.53, 7.0.42, 10.0.4, 9.0.74, 9.0.58, 9.0.6, 8.5.87, 8.5.63, 8.5.51, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 8.0.46, 8.0.43, 8.0.30, 8.0.9, 7.0.91, 7.0.57, 7.0.96, 7.0.100, 7.0.105, 7.0.107, 7.0.109, 9.0.20, 9.0.27, 9.0.75, 10.0.0-M7, 10.0.2, 10.0.5, 10.0.6, 10.0.23, 10.1.8, 11.0.0-M5, 7.0.64, 7.0.55, 11.0.0-M18, 10.1.19, 11.0.0-M17, 9.0.86, 11.0.0-M15, 10.1.18, 10.1.17, 9.0.85, 9.0.84, 8.5.98, 8.5.97, 11.0.0-M14, 10.1.16, 10.0.16, 10.0.10, 9.0.73, 9.0.59, 9.0.56, 9.0.54, 9.0.48, 9.0.41, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.0.M22, 9.0.0.M20, 9.0.14, 8.5.86, 11.0.0-M6, 8.5.83, 10.1.6, 10.1.0-M16, 10.1.0-M5, 10.0.26, 9.0.69, 10.0.0-M8, 9.0.53, 9.0.43, 9.0.13, 9.0.0.M8, 9.0.33, 9.0.35, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 10.1.10, 9.0.78, 9.0.70, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 9.0.0.M17, 8.5.91, 8.5.85, 8.5.75, 8.5.72, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 10.1.9, 10.0.27, 10.0.8, 7.0.77, 7.0.50, 8.5.89, 
7.0.84, 7.0.90, 8.0.41, 8.0.45, 8.0.49, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.5.53, 8.5.55, 8.5.65, 8.5.68, 9.0.55, 9.0.63, 9.0.65, 9.0.67, 9.0.71, 10.0.0-M3, 10.0.0-M4, 10.0.0-M6, 10.0.7, 10.0.13, 10.0.17, 10.0.20, 10.0.21, 10.0.22, 10.1.0-M7, 10.1.0-M14, 10.1.5, 10.1.7, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 8.5.56, 8.5.57, 8.5.59, 8.5.60, 8.5.71, 8.5.73, 8.5.77, 8.5.84, 8.5.88, 9.0.0.M11, 9.0.0.M21, 7.0.88, 9.0.0.M19, 9.0.34, 10.0.14, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.2, 9.0.4, 9.0.7, 9.0.40, 8.5.81, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.31, 9.0.36, 9.0.38, 9.0.39, 9.0.44, 9.0.45, 9.0.46, 9.0.50, 9.0.52, 10.0.18, 10.1.1, 10.1.2, 7.0.78, 7.0.61, 7.0.75, 7.0.63, 10.1.4, 10.1.0-M1, 7.0.79, 7.0.54, 7.0.52, 7.0.108, 8.5.13, 10.1.0-M10, 10.1.0-M15, 8.5.33, 8.5.42, 9.0.0.M4, 8.0.44, 8.0.0-RC3, 8.0.5, 7.0.82, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 10.0.11, 10.1.0-M4, 7.0.76, 7.0.67, 8.5.32, 7.0.103, 8.0.42, 8.0.48, 7.0.93, 8.5.41, 9.0.19, 8.0.36, 8.5.3, 9.0.0.M25, 8.5.61, 10.0.0-M10, 10.0.0-M9, 10.0.0-M5, 10.0.12, 10.1.0-M6, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2007-3382 |
Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks. |
9.0.68, 11.0.0-M1, 11.0.0-M16, 10.0.0-M1, 11.0.0, 10.1.31, 9.0.96, 9.0.64
, 10.1.30, 11.0.0-M13, 11.0.0-M26, 8.0.28, 10.1.29, 9.0.95, 11.0.0-M25, 9.0.94, 10.1.11, 11.0.0-M9, 11.0.0-M7, 11.0.0-M24, 10.1.28, 9.0.93, 10.1.0-M17, 11.0.0-M22, 10.1.26, 9.0.91, 10.1.0-M8, 10.1.0-M11, 11.0.0-M21, 10.1.25, 9.0.90, 11.0.0-M20, 10.1.24, 11.0.0-M10, 9.0.89, 11.0.0-M4, 10.1.20, 11.0.0-M19, 10.1.23, 9.0.88, 9.0.0.M1, 8.5.100, 8.5.99, 9.0.87, 9.0.76, 9.0.83, 8.5.96, 9.0.62, 11.0.0-M12, 11.0.0-M11, 10.1.15, 10.1.14, 10.1.13, 10.1.12, 9.0.82, 9.0.80, 9.0.81, 9.0.79, 8.5.95, 8.5.94, 8.5.93, 8.5.92, 8.5.82, 8.5.78, 8.5.79, 8.5.76, 8.5.69, 8.5.66, 8.5.58, 8.5.54, 8.5.38, 8.5.30, 8.5.8, 8.5.24, 8.5.28, 8.5.5, 8.0.33, 8.0.21, 8.0.0-RC5, 7.0.104, 8.0.24, 8.0.18, 8.5.64, 8.5.11, 8.5.9, 8.5.4, 8.0.51, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.81, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 11.0.0-M3, 10.1.0-M2, 10.1.0-M12, 9.0.0.M26, 8.5.70, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 10.1.0, 10.0.0, 9.0.72, 9.0.60, 9.0.37, 9.0.30, 9.0.0.M27, 8.5.90, 8.5.45, 8.5.39, 8.5.21, 8.0.52, 8.5.16, 7.0.86, 8.5.2, 8.0.53, 8.0.50, 8.0.47, 8.0.39, 8.0.14, 7.0.106, 7.0.99, 7.0.94, 7.0.92, 7.0.85, 7.0.53, 7.0.42, 10.0.4, 9.0.74, 9.0.58, 9.0.6, 8.5.87, 8.5.63, 8.5.51, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 8.0.46, 8.0.43, 8.0.30, 8.0.9, 7.0.91, 7.0.57, 7.0.96, 7.0.100, 7.0.105, 7.0.107, 7.0.109, 9.0.20, 9.0.27, 9.0.75, 10.0.0-M7, 10.0.2, 10.0.5, 10.0.6, 10.0.23, 10.1.8, 11.0.0-M5, 7.0.64, 7.0.55, 11.0.0-M18, 10.1.19, 11.0.0-M17, 9.0.86, 11.0.0-M15, 10.1.18, 10.1.17, 9.0.85, 9.0.84, 8.5.98, 8.5.97, 11.0.0-M14, 10.1.16, 10.0.16, 10.0.10, 9.0.73, 9.0.59, 9.0.56, 9.0.54, 9.0.48, 9.0.41, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.0.M22, 9.0.0.M20, 9.0.14, 8.5.86, 11.0.0-M6, 8.5.83, 10.1.6, 10.1.0-M16, 10.1.0-M5, 10.0.26, 9.0.69, 10.0.0-M8, 9.0.53, 9.0.43, 9.0.13, 9.0.0.M8, 9.0.33, 9.0.35, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 10.1.10, 9.0.78, 9.0.70, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 9.0.0.M17, 8.5.91, 8.5.85, 8.5.75, 8.5.72, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 10.1.9, 10.0.27, 10.0.8, 7.0.77, 7.0.50, 8.5.89, 
7.0.84, 7.0.90, 8.0.41, 8.0.45, 8.0.49, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.5.53, 8.5.55, 8.5.65, 8.5.68, 9.0.55, 9.0.63, 9.0.65, 9.0.67, 9.0.71, 10.0.0-M3, 10.0.0-M4, 10.0.0-M6, 10.0.7, 10.0.13, 10.0.17, 10.0.20, 10.0.21, 10.0.22, 10.1.0-M7, 10.1.0-M14, 10.1.5, 10.1.7, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 8.5.56, 8.5.57, 8.5.59, 8.5.60, 8.5.71, 8.5.73, 8.5.77, 8.5.84, 8.5.88, 9.0.0.M11, 9.0.0.M21, 7.0.88, 9.0.0.M19, 9.0.34, 10.0.14, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.2, 9.0.4, 9.0.7, 9.0.40, 8.5.81, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.31, 9.0.36, 9.0.38, 9.0.39, 9.0.44, 9.0.45, 9.0.46, 9.0.50, 9.0.52, 10.0.18, 10.1.1, 10.1.2, 7.0.78, 7.0.61, 7.0.75, 7.0.63, 10.1.4, 10.1.0-M1, 7.0.79, 7.0.54, 7.0.52, 7.0.108, 8.5.13, 10.1.0-M10, 10.1.0-M15, 8.5.33, 8.5.42, 9.0.0.M4, 8.0.44, 8.0.0-RC3, 8.0.5, 7.0.82, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 10.0.11, 10.1.0-M4, 7.0.76, 7.0.67, 8.5.32, 7.0.103, 8.0.42, 8.0.48, 7.0.93, 8.5.41, 9.0.19, 8.0.36, 8.5.3, 9.0.0.M25, 8.5.61, 10.0.0-M10, 10.0.0-M9, 10.0.0-M5, 10.0.12, 10.1.0-M6, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2007-2449 |
Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence. |
9.0.68, 11.0.0-M1, 11.0.0-M16, 10.0.0-M1, 11.0.0, 10.1.31, 9.0.96, 9.0.64
, 10.1.30, 11.0.0-M13, 11.0.0-M26, 8.0.28, 10.1.29, 9.0.95, 11.0.0-M25, 9.0.94, 10.1.11, 11.0.0-M9, 11.0.0-M7, 11.0.0-M24, 10.1.28, 9.0.93, 10.1.0-M17, 11.0.0-M22, 10.1.26, 9.0.91, 10.1.0-M8, 10.1.0-M11, 11.0.0-M21, 10.1.25, 9.0.90, 11.0.0-M20, 10.1.24, 11.0.0-M10, 9.0.89, 11.0.0-M4, 10.1.20, 11.0.0-M19, 10.1.23, 9.0.88, 9.0.0.M1, 8.5.100, 8.5.99, 9.0.87, 9.0.76, 9.0.83, 8.5.96, 9.0.62, 11.0.0-M12, 11.0.0-M11, 10.1.15, 10.1.14, 10.1.13, 10.1.12, 9.0.82, 9.0.80, 9.0.81, 9.0.79, 8.5.95, 8.5.94, 8.5.93, 8.5.92, 8.5.82, 8.5.78, 8.5.79, 8.5.76, 8.5.69, 8.5.66, 8.5.58, 8.5.54, 8.5.38, 8.5.30, 8.5.8, 8.5.24, 8.5.28, 8.5.5, 8.0.33, 8.0.21, 8.0.0-RC5, 7.0.104, 8.0.24, 8.0.18, 8.5.64, 8.5.11, 8.5.9, 8.5.4, 8.0.51, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.81, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 11.0.0-M3, 10.1.0-M2, 10.1.0-M12, 9.0.0.M26, 8.5.70, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 10.1.0, 10.0.0, 9.0.72, 9.0.60, 9.0.37, 9.0.30, 9.0.0.M27, 8.5.90, 8.5.45, 8.5.39, 8.5.21, 8.0.52, 8.5.16, 7.0.86, 8.5.2, 8.0.53, 8.0.50, 8.0.47, 8.0.39, 8.0.14, 7.0.106, 7.0.99, 7.0.94, 7.0.92, 7.0.85, 7.0.53, 7.0.42, 10.0.4, 9.0.74, 9.0.58, 9.0.6, 8.5.87, 8.5.63, 8.5.51, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 8.0.46, 8.0.43, 8.0.30, 8.0.9, 7.0.91, 7.0.57, 7.0.96, 7.0.100, 7.0.105, 7.0.107, 7.0.109, 9.0.20, 9.0.27, 9.0.75, 10.0.0-M7, 10.0.2, 10.0.5, 10.0.6, 10.0.23, 10.1.8, 11.0.0-M5, 7.0.64, 7.0.55, 11.0.0-M18, 10.1.19, 11.0.0-M17, 9.0.86, 11.0.0-M15, 10.1.18, 10.1.17, 9.0.85, 9.0.84, 8.5.98, 8.5.97, 11.0.0-M14, 10.1.16, 10.0.16, 10.0.10, 9.0.73, 9.0.59, 9.0.56, 9.0.54, 9.0.48, 9.0.41, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.0.M22, 9.0.0.M20, 9.0.14, 8.5.86, 11.0.0-M6, 8.5.83, 10.1.6, 10.1.0-M16, 10.1.0-M5, 10.0.26, 9.0.69, 10.0.0-M8, 9.0.53, 9.0.43, 9.0.13, 9.0.0.M8, 9.0.33, 9.0.35, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 10.1.10, 9.0.78, 9.0.70, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 9.0.0.M17, 8.5.91, 8.5.85, 8.5.75, 8.5.72, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 10.1.9, 10.0.27, 10.0.8, 7.0.77, 7.0.50, 8.5.89, 
7.0.84, 7.0.90, 8.0.41, 8.0.45, 8.0.49, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.5.53, 8.5.55, 8.5.65, 8.5.68, 9.0.55, 9.0.63, 9.0.65, 9.0.67, 9.0.71, 10.0.0-M3, 10.0.0-M4, 10.0.0-M6, 10.0.7, 10.0.13, 10.0.17, 10.0.20, 10.0.21, 10.0.22, 10.1.0-M7, 10.1.0-M14, 10.1.5, 10.1.7, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 8.5.56, 8.5.57, 8.5.59, 8.5.60, 8.5.71, 8.5.73, 8.5.77, 8.5.84, 8.5.88, 9.0.0.M11, 9.0.0.M21, 7.0.88, 9.0.0.M19, 9.0.34, 10.0.14, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.2, 9.0.4, 9.0.7, 9.0.40, 8.5.81, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.31, 9.0.36, 9.0.38, 9.0.39, 9.0.44, 9.0.45, 9.0.46, 9.0.50, 9.0.52, 10.0.18, 10.1.1, 10.1.2, 7.0.78, 7.0.61, 7.0.75, 7.0.63, 10.1.4, 10.1.0-M1, 7.0.79, 7.0.54, 7.0.52, 7.0.108, 8.5.13, 10.1.0-M10, 10.1.0-M15, 8.5.33, 8.5.42, 9.0.0.M4, 8.0.44, 8.0.0-RC3, 8.0.5, 7.0.82, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 10.0.11, 10.1.0-M4, 7.0.76, 7.0.67, 8.5.32, 7.0.103, 8.0.42, 8.0.48, 7.0.93, 8.5.41, 9.0.19, 8.0.36, 8.5.3, 9.0.0.M25, 8.5.61, 10.0.0-M10, 10.0.0-M9, 10.0.0-M5, 10.0.12, 10.1.0-M6, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2005-4836 |
The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which allows remote attackers to read JSP source files and obtain sensitive information. |
9.0.68, 11.0.0-M1, 11.0.0-M16, 10.0.0-M1, 11.0.0, 10.1.31, 9.0.96, 9.0.64
, 10.1.30, 11.0.0-M13, 11.0.0-M26, 8.0.28, 10.1.29, 9.0.95, 11.0.0-M25, 9.0.94, 10.1.11, 11.0.0-M9, 11.0.0-M7, 11.0.0-M24, 10.1.28, 9.0.93, 10.1.0-M17, 11.0.0-M22, 10.1.26, 9.0.91, 10.1.0-M8, 10.1.0-M11, 11.0.0-M21, 10.1.25, 9.0.90, 11.0.0-M20, 10.1.24, 11.0.0-M10, 9.0.89, 11.0.0-M4, 10.1.20, 11.0.0-M19, 10.1.23, 9.0.88, 9.0.0.M1, 8.5.100, 8.5.99, 9.0.87, 9.0.76, 9.0.83, 8.5.96, 9.0.62, 11.0.0-M12, 11.0.0-M11, 10.1.15, 10.1.14, 10.1.13, 10.1.12, 9.0.82, 9.0.80, 9.0.81, 9.0.79, 8.5.95, 8.5.94, 8.5.93, 8.5.92, 8.5.82, 8.5.78, 8.5.79, 8.5.76, 8.5.69, 8.5.66, 8.5.58, 8.5.54, 8.5.38, 8.5.30, 8.5.8, 8.5.24, 8.5.28, 8.5.5, 8.0.33, 8.0.21, 8.0.0-RC5, 7.0.104, 8.0.24, 8.0.18, 8.5.64, 8.5.11, 8.5.9, 8.5.4, 8.0.51, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.81, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 11.0.0-M3, 10.1.0-M2, 10.1.0-M12, 9.0.0.M26, 8.5.70, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 10.1.0, 10.0.0, 9.0.72, 9.0.60, 9.0.37, 9.0.30, 9.0.0.M27, 8.5.90, 8.5.45, 8.5.39, 8.5.21, 8.0.52, 8.5.16, 7.0.86, 8.5.2, 8.0.53, 8.0.50, 8.0.47, 8.0.39, 8.0.14, 7.0.106, 7.0.99, 7.0.94, 7.0.92, 7.0.85, 7.0.53, 7.0.42, 10.0.4, 9.0.74, 9.0.58, 9.0.6, 8.5.87, 8.5.63, 8.5.51, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 8.0.46, 8.0.43, 8.0.30, 8.0.9, 7.0.91, 7.0.57, 7.0.96, 7.0.100, 7.0.105, 7.0.107, 7.0.109, 9.0.20, 9.0.27, 9.0.75, 10.0.0-M7, 10.0.2, 10.0.5, 10.0.6, 10.0.23, 10.1.8, 11.0.0-M5, 7.0.64, 7.0.55, 11.0.0-M18, 10.1.19, 11.0.0-M17, 9.0.86, 11.0.0-M15, 10.1.18, 10.1.17, 9.0.85, 9.0.84, 8.5.98, 8.5.97, 11.0.0-M14, 10.1.16, 10.0.16, 10.0.10, 9.0.73, 9.0.59, 9.0.56, 9.0.54, 9.0.48, 9.0.41, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.0.M22, 9.0.0.M20, 9.0.14, 8.5.86, 11.0.0-M6, 8.5.83, 10.1.6, 10.1.0-M16, 10.1.0-M5, 10.0.26, 9.0.69, 10.0.0-M8, 9.0.53, 9.0.43, 9.0.13, 9.0.0.M8, 9.0.33, 9.0.35, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 10.1.10, 9.0.78, 9.0.70, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 9.0.0.M17, 8.5.91, 8.5.85, 8.5.75, 8.5.72, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 10.1.9, 10.0.27, 10.0.8, 7.0.77, 7.0.50, 8.5.89, 
7.0.84, 7.0.90, 8.0.41, 8.0.45, 8.0.49, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.5.53, 8.5.55, 8.5.65, 8.5.68, 9.0.55, 9.0.63, 9.0.65, 9.0.67, 9.0.71, 10.0.0-M3, 10.0.0-M4, 10.0.0-M6, 10.0.7, 10.0.13, 10.0.17, 10.0.20, 10.0.21, 10.0.22, 10.1.0-M7, 10.1.0-M14, 10.1.5, 10.1.7, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 8.5.56, 8.5.57, 8.5.59, 8.5.60, 8.5.71, 8.5.73, 8.5.77, 8.5.84, 8.5.88, 9.0.0.M11, 9.0.0.M21, 7.0.88, 9.0.0.M19, 9.0.34, 10.0.14, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.2, 9.0.4, 9.0.7, 9.0.40, 8.5.81, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.31, 9.0.36, 9.0.38, 9.0.39, 9.0.44, 9.0.45, 9.0.46, 9.0.50, 9.0.52, 10.0.18, 10.1.1, 10.1.2, 7.0.78, 7.0.61, 7.0.75, 7.0.63, 10.1.4, 10.1.0-M1, 7.0.79, 7.0.54, 7.0.52, 7.0.108, 8.5.13, 10.1.0-M10, 10.1.0-M15, 8.5.33, 8.5.42, 9.0.0.M4, 8.0.44, 8.0.0-RC3, 8.0.5, 7.0.82, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 10.0.11, 10.1.0-M4, 7.0.76, 7.0.67, 8.5.32, 7.0.103, 8.0.42, 8.0.48, 7.0.93, 8.5.41, 9.0.19, 8.0.36, 8.5.3, 9.0.0.M25, 8.5.61, 10.0.0-M10, 10.0.0-M9, 10.0.0-M5, 10.0.12, 10.1.0-M6, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2005-4703 |
Apache Tomcat 4.0.3, when running on Windows, allows remote attackers to obtain sensitive information via a request for a file that contains an MS-DOS device name such as lpt9, which leaks the pathname in an error message, as demonstrated by lpt9.xtp using Nikto. |
9.0.68, 11.0.0-M1, 11.0.0-M16, 10.0.0-M1, 11.0.0, 10.1.31, 9.0.96, 9.0.64
, 10.1.30, 11.0.0-M13, 11.0.0-M26, 8.0.28, 10.1.29, 9.0.95, 11.0.0-M25, 9.0.94, 10.1.11, 11.0.0-M9, 11.0.0-M7, 11.0.0-M24, 10.1.28, 9.0.93, 10.1.0-M17, 11.0.0-M22, 10.1.26, 9.0.91, 10.1.0-M8, 10.1.0-M11, 11.0.0-M21, 10.1.25, 9.0.90, 11.0.0-M20, 10.1.24, 11.0.0-M10, 9.0.89, 11.0.0-M4, 10.1.20, 11.0.0-M19, 10.1.23, 9.0.88, 9.0.0.M1, 8.5.100, 8.5.99, 9.0.87, 9.0.76, 9.0.83, 8.5.96, 9.0.62, 11.0.0-M12, 11.0.0-M11, 10.1.15, 10.1.14, 10.1.13, 10.1.12, 9.0.82, 9.0.80, 9.0.81, 9.0.79, 8.5.95, 8.5.94, 8.5.93, 8.5.92, 8.5.82, 8.5.78, 8.5.79, 8.5.76, 8.5.69, 8.5.66, 8.5.58, 8.5.54, 8.5.38, 8.5.30, 8.5.8, 8.5.24, 8.5.28, 8.5.5, 8.0.33, 8.0.21, 8.0.0-RC5, 7.0.104, 8.0.24, 8.0.18, 8.5.64, 8.5.11, 8.5.9, 8.5.4, 8.0.51, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.81, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 11.0.0-M3, 10.1.0-M2, 10.1.0-M12, 9.0.0.M26, 8.5.70, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 10.1.0, 10.0.0, 9.0.72, 9.0.60, 9.0.37, 9.0.30, 9.0.0.M27, 8.5.90, 8.5.45, 8.5.39, 8.5.21, 8.0.52, 8.5.16, 7.0.86, 8.5.2, 8.0.53, 8.0.50, 8.0.47, 8.0.39, 8.0.14, 7.0.106, 7.0.99, 7.0.94, 7.0.92, 7.0.85, 7.0.53, 7.0.42, 10.0.4, 9.0.74, 9.0.58, 9.0.6, 8.5.87, 8.5.63, 8.5.51, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 8.0.46, 8.0.43, 8.0.30, 8.0.9, 7.0.91, 7.0.57, 7.0.96, 7.0.100, 7.0.105, 7.0.107, 7.0.109, 9.0.20, 9.0.27, 9.0.75, 10.0.0-M7, 10.0.2, 10.0.5, 10.0.6, 10.0.23, 10.1.8, 11.0.0-M5, 7.0.64, 7.0.55, 11.0.0-M18, 10.1.19, 11.0.0-M17, 9.0.86, 11.0.0-M15, 10.1.18, 10.1.17, 9.0.85, 9.0.84, 8.5.98, 8.5.97, 11.0.0-M14, 10.1.16, 10.0.16, 10.0.10, 9.0.73, 9.0.59, 9.0.56, 9.0.54, 9.0.48, 9.0.41, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.0.M22, 9.0.0.M20, 9.0.14, 8.5.86, 11.0.0-M6, 8.5.83, 10.1.6, 10.1.0-M16, 10.1.0-M5, 10.0.26, 9.0.69, 10.0.0-M8, 9.0.53, 9.0.43, 9.0.13, 9.0.0.M8, 9.0.33, 9.0.35, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 10.1.10, 9.0.78, 9.0.70, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 9.0.0.M17, 8.5.91, 8.5.85, 8.5.75, 8.5.72, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 10.1.9, 10.0.27, 10.0.8, 7.0.77, 7.0.50, 8.5.89, 
7.0.84, 7.0.90, 8.0.41, 8.0.45, 8.0.49, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.5.53, 8.5.55, 8.5.65, 8.5.68, 9.0.55, 9.0.63, 9.0.65, 9.0.67, 9.0.71, 10.0.0-M3, 10.0.0-M4, 10.0.0-M6, 10.0.7, 10.0.13, 10.0.17, 10.0.20, 10.0.21, 10.0.22, 10.1.0-M7, 10.1.0-M14, 10.1.5, 10.1.7, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 8.5.56, 8.5.57, 8.5.59, 8.5.60, 8.5.71, 8.5.73, 8.5.77, 8.5.84, 8.5.88, 9.0.0.M11, 9.0.0.M21, 7.0.88, 9.0.0.M19, 9.0.34, 10.0.14, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.2, 9.0.4, 9.0.7, 9.0.40, 8.5.81, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.31, 9.0.36, 9.0.38, 9.0.39, 9.0.44, 9.0.45, 9.0.46, 9.0.50, 9.0.52, 10.0.18, 10.1.1, 10.1.2, 7.0.78, 7.0.61, 7.0.75, 7.0.63, 10.1.4, 10.1.0-M1, 7.0.79, 7.0.54, 7.0.52, 7.0.108, 8.5.13, 10.1.0-M10, 10.1.0-M15, 8.5.33, 8.5.42, 9.0.0.M4, 8.0.44, 8.0.0-RC3, 8.0.5, 7.0.82, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 10.0.11, 10.1.0-M4, 7.0.76, 7.0.67, 8.5.32, 7.0.103, 8.0.42, 8.0.48, 7.0.93, 8.5.41, 9.0.19, 8.0.36, 8.5.3, 9.0.0.M25, 8.5.61, 10.0.0-M10, 10.0.0-M9, 10.0.0-M5, 10.0.12, 10.1.0-M6, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2001-0829 |
A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message. |
9.0.68, 11.0.0-M1, 11.0.0-M16, 10.0.0-M1, 11.0.0, 10.1.31, 9.0.96, 9.0.64
, 10.1.30, 11.0.0-M13, 11.0.0-M26, 8.0.28, 10.1.29, 9.0.95, 11.0.0-M25, 9.0.94, 10.1.11, 11.0.0-M9, 11.0.0-M7, 11.0.0-M24, 10.1.28, 9.0.93, 10.1.0-M17, 11.0.0-M22, 10.1.26, 9.0.91, 10.1.0-M8, 10.1.0-M11, 11.0.0-M21, 10.1.25, 9.0.90, 11.0.0-M20, 10.1.24, 11.0.0-M10, 9.0.89, 11.0.0-M4, 10.1.20, 11.0.0-M19, 10.1.23, 9.0.88, 9.0.0.M1, 8.5.100, 8.5.99, 9.0.87, 9.0.76, 9.0.83, 8.5.96, 9.0.62, 11.0.0-M12, 11.0.0-M11, 10.1.15, 10.1.14, 10.1.13, 10.1.12, 9.0.82, 9.0.80, 9.0.81, 9.0.79, 8.5.95, 8.5.94, 8.5.93, 8.5.92, 8.5.82, 8.5.78, 8.5.79, 8.5.76, 8.5.69, 8.5.66, 8.5.58, 8.5.54, 8.5.38, 8.5.30, 8.5.8, 8.5.24, 8.5.28, 8.5.5, 8.0.33, 8.0.21, 8.0.0-RC5, 7.0.104, 8.0.24, 8.0.18, 8.5.64, 8.5.11, 8.5.9, 8.5.4, 8.0.51, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.81, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 11.0.0-M3, 10.1.0-M2, 10.1.0-M12, 9.0.0.M26, 8.5.70, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 10.1.0, 10.0.0, 9.0.72, 9.0.60, 9.0.37, 9.0.30, 9.0.0.M27, 8.5.90, 8.5.45, 8.5.39, 8.5.21, 8.0.52, 8.5.16, 7.0.86, 8.5.2, 8.0.53, 8.0.50, 8.0.47, 8.0.39, 8.0.14, 7.0.106, 7.0.99, 7.0.94, 7.0.92, 7.0.85, 7.0.53, 7.0.42, 10.0.4, 9.0.74, 9.0.58, 9.0.6, 8.5.87, 8.5.63, 8.5.51, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 8.0.46, 8.0.43, 8.0.30, 8.0.9, 7.0.91, 7.0.57, 7.0.96, 7.0.100, 7.0.105, 7.0.107, 7.0.109, 9.0.20, 9.0.27, 9.0.75, 10.0.0-M7, 10.0.2, 10.0.5, 10.0.6, 10.0.23, 10.1.8, 11.0.0-M5, 7.0.64, 7.0.55, 11.0.0-M18, 10.1.19, 11.0.0-M17, 9.0.86, 11.0.0-M15, 10.1.18, 10.1.17, 9.0.85, 9.0.84, 8.5.98, 8.5.97, 11.0.0-M14, 10.1.16, 10.0.16, 10.0.10, 9.0.73, 9.0.59, 9.0.56, 9.0.54, 9.0.48, 9.0.41, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.0.M22, 9.0.0.M20, 9.0.14, 8.5.86, 11.0.0-M6, 8.5.83, 10.1.6, 10.1.0-M16, 10.1.0-M5, 10.0.26, 9.0.69, 10.0.0-M8, 9.0.53, 9.0.43, 9.0.13, 9.0.0.M8, 9.0.33, 9.0.35, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 10.1.10, 9.0.78, 9.0.70, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 9.0.0.M17, 8.5.91, 8.5.85, 8.5.75, 8.5.72, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 10.1.9, 10.0.27, 10.0.8, 7.0.77, 7.0.50, 8.5.89, 
7.0.84, 7.0.90, 8.0.41, 8.0.45, 8.0.49, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.5.53, 8.5.55, 8.5.65, 8.5.68, 9.0.55, 9.0.63, 9.0.65, 9.0.67, 9.0.71, 10.0.0-M3, 10.0.0-M4, 10.0.0-M6, 10.0.7, 10.0.13, 10.0.17, 10.0.20, 10.0.21, 10.0.22, 10.1.0-M7, 10.1.0-M14, 10.1.5, 10.1.7, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 8.5.56, 8.5.57, 8.5.59, 8.5.60, 8.5.71, 8.5.73, 8.5.77, 8.5.84, 8.5.88, 9.0.0.M11, 9.0.0.M21, 7.0.88, 9.0.0.M19, 9.0.34, 10.0.14, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.2, 9.0.4, 9.0.7, 9.0.40, 8.5.81, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.31, 9.0.36, 9.0.38, 9.0.39, 9.0.44, 9.0.45, 9.0.46, 9.0.50, 9.0.52, 10.0.18, 10.1.1, 10.1.2, 7.0.78, 7.0.61, 7.0.75, 7.0.63, 10.1.4, 10.1.0-M1, 7.0.79, 7.0.54, 7.0.52, 7.0.108, 8.5.13, 10.1.0-M10, 10.1.0-M15, 8.5.33, 8.5.42, 9.0.0.M4, 8.0.44, 8.0.0-RC3, 8.0.5, 7.0.82, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 10.0.11, 10.1.0-M4, 7.0.76, 7.0.67, 8.5.32, 7.0.103, 8.0.42, 8.0.48, 7.0.93, 8.5.41, 9.0.19, 8.0.36, 8.5.3, 9.0.0.M25, 8.5.61, 10.0.0-M10, 10.0.0-M9, 10.0.0-M5, 10.0.12, 10.1.0-M6, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2000-1210 |
Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp. |
9.0.68, 11.0.0-M1, 11.0.0-M16, 10.0.0-M1, 11.0.0, 10.1.31, 9.0.96, 9.0.64
, 10.1.30, 11.0.0-M13, 11.0.0-M26, 8.0.28, 10.1.29, 9.0.95, 11.0.0-M25, 9.0.94, 10.1.11, 11.0.0-M9, 11.0.0-M7, 11.0.0-M24, 10.1.28, 9.0.93, 10.1.0-M17, 11.0.0-M22, 10.1.26, 9.0.91, 10.1.0-M8, 10.1.0-M11, 11.0.0-M21, 10.1.25, 9.0.90, 11.0.0-M20, 10.1.24, 11.0.0-M10, 9.0.89, 11.0.0-M4, 10.1.20, 11.0.0-M19, 10.1.23, 9.0.88, 9.0.0.M1, 8.5.100, 8.5.99, 9.0.87, 9.0.76, 9.0.83, 8.5.96, 9.0.62, 11.0.0-M12, 11.0.0-M11, 10.1.15, 10.1.14, 10.1.13, 10.1.12, 9.0.82, 9.0.80, 9.0.81, 9.0.79, 8.5.95, 8.5.94, 8.5.93, 8.5.92, 8.5.82, 8.5.78, 8.5.79, 8.5.76, 8.5.69, 8.5.66, 8.5.58, 8.5.54, 8.5.38, 8.5.30, 8.5.8, 8.5.24, 8.5.28, 8.5.5, 8.0.33, 8.0.21, 8.0.0-RC5, 7.0.104, 8.0.24, 8.0.18, 8.5.64, 8.5.11, 8.5.9, 8.5.4, 8.0.51, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.81, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 11.0.0-M3, 10.1.0-M2, 10.1.0-M12, 9.0.0.M26, 8.5.70, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 10.1.0, 10.0.0, 9.0.72, 9.0.60, 9.0.37, 9.0.30, 9.0.0.M27, 8.5.90, 8.5.45, 8.5.39, 8.5.21, 8.0.52, 8.5.16, 7.0.86, 8.5.2, 8.0.53, 8.0.50, 8.0.47, 8.0.39, 8.0.14, 7.0.106, 7.0.99, 7.0.94, 7.0.92, 7.0.85, 7.0.53, 7.0.42, 10.0.4, 9.0.74, 9.0.58, 9.0.6, 8.5.87, 8.5.63, 8.5.51, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 8.0.46, 8.0.43, 8.0.30, 8.0.9, 7.0.91, 7.0.57, 7.0.96, 7.0.100, 7.0.105, 7.0.107, 7.0.109, 9.0.20, 9.0.27, 9.0.75, 10.0.0-M7, 10.0.2, 10.0.5, 10.0.6, 10.0.23, 10.1.8, 11.0.0-M5, 7.0.64, 7.0.55, 11.0.0-M18, 10.1.19, 11.0.0-M17, 9.0.86, 11.0.0-M15, 10.1.18, 10.1.17, 9.0.85, 9.0.84, 8.5.98, 8.5.97, 11.0.0-M14, 10.1.16, 10.0.16, 10.0.10, 9.0.73, 9.0.59, 9.0.56, 9.0.54, 9.0.48, 9.0.41, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.0.M22, 9.0.0.M20, 9.0.14, 8.5.86, 11.0.0-M6, 8.5.83, 10.1.6, 10.1.0-M16, 10.1.0-M5, 10.0.26, 9.0.69, 10.0.0-M8, 9.0.53, 9.0.43, 9.0.13, 9.0.0.M8, 9.0.33, 9.0.35, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 10.1.10, 9.0.78, 9.0.70, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 9.0.0.M17, 8.5.91, 8.5.85, 8.5.75, 8.5.72, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 10.1.9, 10.0.27, 10.0.8, 7.0.77, 7.0.50, 8.5.89, 
7.0.84, 7.0.90, 8.0.41, 8.0.45, 8.0.49, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.5.53, 8.5.55, 8.5.65, 8.5.68, 9.0.55, 9.0.63, 9.0.65, 9.0.67, 9.0.71, 10.0.0-M3, 10.0.0-M4, 10.0.0-M6, 10.0.7, 10.0.13, 10.0.17, 10.0.20, 10.0.21, 10.0.22, 10.1.0-M7, 10.1.0-M14, 10.1.5, 10.1.7, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 8.5.56, 8.5.57, 8.5.59, 8.5.60, 8.5.71, 8.5.73, 8.5.77, 8.5.84, 8.5.88, 9.0.0.M11, 9.0.0.M21, 7.0.88, 9.0.0.M19, 9.0.34, 10.0.14, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.2, 9.0.4, 9.0.7, 9.0.40, 8.5.81, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.31, 9.0.36, 9.0.38, 9.0.39, 9.0.44, 9.0.45, 9.0.46, 9.0.50, 9.0.52, 10.0.18, 10.1.1, 10.1.2, 7.0.78, 7.0.61, 7.0.75, 7.0.63, 10.1.4, 10.1.0-M1, 7.0.79, 7.0.54, 7.0.52, 7.0.108, 8.5.13, 10.1.0-M10, 10.1.0-M15, 8.5.33, 8.5.42, 9.0.0.M4, 8.0.44, 8.0.0-RC3, 8.0.5, 7.0.82, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 10.0.11, 10.1.0-M4, 7.0.76, 7.0.67, 8.5.32, 7.0.103, 8.0.42, 8.0.48, 7.0.93, 8.5.41, 9.0.19, 8.0.36, 8.5.3, 9.0.0.M25, 8.5.61, 10.0.0-M10, 10.0.0-M9, 10.0.0-M5, 10.0.12, 10.1.0-M6, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |
CVE-2000-0759 |
Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path. |
9.0.68, 11.0.0-M1, 11.0.0-M16, 10.0.0-M1, 11.0.0, 10.1.31, 9.0.96, 9.0.64
, 10.1.30, 11.0.0-M13, 11.0.0-M26, 8.0.28, 10.1.29, 9.0.95, 11.0.0-M25, 9.0.94, 10.1.11, 11.0.0-M9, 11.0.0-M7, 11.0.0-M24, 10.1.28, 9.0.93, 10.1.0-M17, 11.0.0-M22, 10.1.26, 9.0.91, 10.1.0-M8, 10.1.0-M11, 11.0.0-M21, 10.1.25, 9.0.90, 11.0.0-M20, 10.1.24, 11.0.0-M10, 9.0.89, 11.0.0-M4, 10.1.20, 11.0.0-M19, 10.1.23, 9.0.88, 9.0.0.M1, 8.5.100, 8.5.99, 9.0.87, 9.0.76, 9.0.83, 8.5.96, 9.0.62, 11.0.0-M12, 11.0.0-M11, 10.1.15, 10.1.14, 10.1.13, 10.1.12, 9.0.82, 9.0.80, 9.0.81, 9.0.79, 8.5.95, 8.5.94, 8.5.93, 8.5.92, 8.5.82, 8.5.78, 8.5.79, 8.5.76, 8.5.69, 8.5.66, 8.5.58, 8.5.54, 8.5.38, 8.5.30, 8.5.8, 8.5.24, 8.5.28, 8.5.5, 8.0.33, 8.0.21, 8.0.0-RC5, 7.0.104, 8.0.24, 8.0.18, 8.5.64, 8.5.11, 8.5.9, 8.5.4, 8.0.51, 8.0.23, 8.0.22, 8.0.11, 8.0.8, 7.0.81, 7.0.68, 7.0.65, 7.0.59, 7.0.47, 7.0.40, 11.0.0-M3, 10.1.0-M2, 10.1.0-M12, 9.0.0.M26, 8.5.70, 8.0.35, 8.0.37, 8.0.29, 8.0.3, 8.0.1, 10.1.0, 10.0.0, 9.0.72, 9.0.60, 9.0.37, 9.0.30, 9.0.0.M27, 8.5.90, 8.5.45, 8.5.39, 8.5.21, 8.0.52, 8.5.16, 7.0.86, 8.5.2, 8.0.53, 8.0.50, 8.0.47, 8.0.39, 8.0.14, 7.0.106, 7.0.99, 7.0.94, 7.0.92, 7.0.85, 7.0.53, 7.0.42, 10.0.4, 9.0.74, 9.0.58, 9.0.6, 8.5.87, 8.5.63, 8.5.51, 8.5.43, 8.5.19, 8.5.15, 8.5.14, 8.5.0, 8.0.46, 8.0.43, 8.0.30, 8.0.9, 7.0.91, 7.0.57, 7.0.96, 7.0.100, 7.0.105, 7.0.107, 7.0.109, 9.0.20, 9.0.27, 9.0.75, 10.0.0-M7, 10.0.2, 10.0.5, 10.0.6, 10.0.23, 10.1.8, 11.0.0-M5, 7.0.64, 7.0.55, 11.0.0-M18, 10.1.19, 11.0.0-M17, 9.0.86, 11.0.0-M15, 10.1.18, 10.1.17, 9.0.85, 9.0.84, 8.5.98, 8.5.97, 11.0.0-M14, 10.1.16, 10.0.16, 10.0.10, 9.0.73, 9.0.59, 9.0.56, 9.0.54, 9.0.48, 9.0.41, 9.0.26, 9.0.21, 9.0.12, 9.0.5, 9.0.0.M22, 9.0.0.M20, 9.0.14, 8.5.86, 11.0.0-M6, 8.5.83, 10.1.6, 10.1.0-M16, 10.1.0-M5, 10.0.26, 9.0.69, 10.0.0-M8, 9.0.53, 9.0.43, 9.0.13, 9.0.0.M8, 9.0.33, 9.0.35, 9.0.22, 9.0.16, 9.0.10, 9.0.8, 10.1.10, 9.0.78, 9.0.70, 9.0.29, 9.0.24, 9.0.17, 9.0.11, 9.0.1, 9.0.0.M17, 8.5.91, 8.5.85, 8.5.75, 8.5.72, 8.5.50, 8.5.23, 8.5.12, 8.5.6, 10.1.9, 10.0.27, 10.0.8, 7.0.77, 7.0.50, 8.5.89, 
7.0.84, 7.0.90, 8.0.41, 8.0.45, 8.0.49, 8.5.20, 8.5.27, 8.5.29, 8.5.31, 8.5.37, 8.5.47, 8.5.49, 8.5.53, 8.5.55, 8.5.65, 8.5.68, 9.0.55, 9.0.63, 9.0.65, 9.0.67, 9.0.71, 10.0.0-M3, 10.0.0-M4, 10.0.0-M6, 10.0.7, 10.0.13, 10.0.17, 10.0.20, 10.0.21, 10.0.22, 10.1.0-M7, 10.1.0-M14, 10.1.5, 10.1.7, 8.0.12, 8.0.15, 8.0.20, 8.0.32, 8.0.38, 8.5.34, 8.5.35, 8.5.40, 8.5.46, 8.5.56, 8.5.57, 8.5.59, 8.5.60, 8.5.71, 8.5.73, 8.5.77, 8.5.84, 8.5.88, 9.0.0.M11, 9.0.0.M21, 7.0.88, 9.0.0.M19, 9.0.34, 10.0.14, 7.0.70, 7.0.69, 7.0.62, 7.0.56, 7.0.41, 7.0.37, 9.0.2, 9.0.4, 9.0.7, 9.0.40, 8.5.81, 9.0.0.M3, 9.0.0.M13, 9.0.0.M15, 9.0.0.M18, 9.0.31, 9.0.36, 9.0.38, 9.0.39, 9.0.44, 9.0.45, 9.0.46, 9.0.50, 9.0.52, 10.0.18, 10.1.1, 10.1.2, 7.0.78, 7.0.61, 7.0.75, 7.0.63, 10.1.4, 10.1.0-M1, 7.0.79, 7.0.54, 7.0.52, 7.0.108, 8.5.13, 10.1.0-M10, 10.1.0-M15, 8.5.33, 8.5.42, 9.0.0.M4, 8.0.44, 8.0.0-RC3, 8.0.5, 7.0.82, 8.0.17, 9.0.0.M10, 9.0.0.M6, 9.0.0.M9, 7.0.35, 8.0.0-RC1, 7.0.39, 8.0.0-RC10, 8.0.27, 8.0.26, 10.0.11, 10.1.0-M4, 7.0.76, 7.0.67, 8.5.32, 7.0.103, 8.0.42, 8.0.48, 7.0.93, 8.5.41, 9.0.19, 8.0.36, 8.5.3, 9.0.0.M25, 8.5.61, 10.0.0-M10, 10.0.0-M9, 10.0.0-M5, 10.0.12, 10.1.0-M6, 7.0.73, 7.0.72
|
Patch → NO_SAFE_VERSION |