Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven org.apache.tomcat:tomcat Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS1yNmozLXB4NWctY3EzeM4AA2X8
Apache Tomcat Improper Input Validation vulnerability
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1nOHBqLXI1NXEtNWMyds4AA2Wt
Apache Tomcat Incomplete Cleanup vulnerability
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: about 2 months ago
High
GSA_kwCzR0hTQS1qbTdtLThqaDYtMjlocM4AA2Wo
Apache Tomcat Incomplete Cleanup vulnerability
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS1xM213LXB2cjgtOWdnY84AA1gl
Apache Tomcat Open Redirect vulnerability
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: 3 months ago
High
GSA_kwCzR0hTQS1jeDZoLTg2eHctOXgzNM4AA0cs
Apache Tomcat - Fix for CVE-2023-24998 was incomplete
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: 5 months ago
High
GSA_kwCzR0hTQS1tcHB2LTc5Y2gtdnc2cc4AAz98
Apache Tomcat vulnerable to information leak
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: 6 months ago
High
GSA_kwCzR0hTQS1ycTJ3LTM3aDktdmc5NM4AAwuy
Apache Tomcat improperly escapes input from JsonErrorReportValve
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: 11 months ago
High
GSA_kwCzR0hTQS1wMjJ4LWc5cHgtMzk0Nc4AAvm5
Apache Tomcat may reject request containing invalid Content-Length header
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: about 1 year ago
Low
GSA_kwCzR0hTQS1qeDdjLTdtajUtOTQzOM4AAvGq
Apache Tomcat Race Condition vulnerability
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS02ajg4LTZ3aGcteDY4N84AAs8s
Cross-site Scripting in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
High
GSA_kwCzR0hTQS12NmM3LThxeDUtOGdtcM4AAdKG
Deserialization of Untrusted Data in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1yN2M4LWhnaGMtMm1wOM4AAblp
Apache Tomcat Allows Replacing of XML Parser
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Low
GSA_kwCzR0hTQS0zcDVyLTdjdzMtMm02N84AAbli
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS0yOGNxLTZybXgtcGpxNM4AAZ9M
Improper Authentication in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1qZ20yLW01Y2ctZjY2Z84AAY_0
Authentication Bypass in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS03NnZyLTcybXYtbWYzcc4AAY-C
Cross-Site Request Forgery in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS05OXJmLTkydjYtY3d4NM4AAY9f
Improper Access Control in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS13cjNtLWd3OTgtbWMzas4AAXm8
Improper Input Validation in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
High
GSA_kwCzR0hTQS1qcmNwLWMzOWgtcjI5eM4AAWoL
Improper Neutralization of Input During Web Page Generation in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1wMjZ2LTk3dnAtamN4Ns4AAWNP
Access controll bypass in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS0zeHBqLWpndjUtcTR2ds4AAWNB
Access restriction bypass in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1jNzhnLXF3cHctMmpnds4AAV4l
Improper Neutralization of Input During Web Page Generation in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS05aGp2LTloNzUteG1wcM4AAT01
Improper Verification of Source of a Communication Channel in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS05NzM3LXFtZ2MtaGZyOc4AATy0
Directory Traversal in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS00ZjdoLTlqMngtY21yNM4AATyu
Improper Authentication in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS02Y3I0LTdjN3AtcDN4ds4AATyt
Use of Hard-coded Cryptographic Key in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS05Z2dtLTc4OTcteDRtZ84AATyx
Improper Input Validation in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1jNTdwLTN2MmctdzlyZ84AATyv
Insertion of Sensitive Information into Log File in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1oZmZtLWZxdjQtdzI3cs4AATyq
Improper Authentication in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Low
GSA_kwCzR0hTQS1majZjLXByZ2otZ3Izcs4AATys
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1xOXhmLWp3cjQtdjQ0Nc4AATyo
Authentication Bypass in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1qNDQ4LWo2NTMtcjN2as4AAToT
Apache Tomcat is vulnerable to HTTP request-smuggling
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS13cTJwLXE2NnctcThncM4AATof
Apache Tomcat Denial of Service vulnerability
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS02bTQ4LWp4d3gtNzZxN84AAToe
Improper Authentication in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS04N3c5LXgyYzMtaHJqas4AAToN
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS02Z2pqLWM1bWotNGN2cM4AATod
Improper Input Validation in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS00NzVmLTc0d3AtcHF2Nc4AATn-
Integer Overflow or Wraparound in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1wcmMzLTdmNDQtdzQ4as4AATn3
Missing XML Validation in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
High
GSA_kwCzR0hTQS1weGN4LWN4cTgtNG1td84AATn1
Uncontrolled Resource Consumption in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1xcHJ4LXEycjctM3J4Ns4AATn4
Improper Input Validation in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS14aDV4LWo4amYtcGNweM4AATn8
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS00MmozLTQ5OHEtbTZ2cM4AATn7
Improper Input Validation in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS00YzQzLWN3dngtOWNyaM4AATn2
Improper Access Control in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
High
GSA_kwCzR0hTQS1tdjQyLXB4NTQtODdqd84AATn6
Improper Access Control in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS02dngzLWhyNDMtY2ZyaM4AATnz
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS02cXI2LXg3am0teDJxNs4AATn5
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
High
GSA_kwCzR0hTQS02OThjLTJ4NGotZzlncc4AAToE
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1yaDhxLXZqZ2YtZ2Y3NM4AATn9
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
High
GSA_kwCzR0hTQS0zZ3Y3LTNoNjQtNzhjbc4AATny
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS03M3J4LTNmOXIteDk0Oc4AATnv
Insufficient Verification of Data Authenticity in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Low
GSA_kwCzR0hTQS0zNzJxLTMzdmgtOG1wY84AAToA
Inconsistent documentation in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
High
GSA_kwCzR0hTQS14amdoLTg0aHgtNTZjNc4AATjr
Unrestricted Upload of File with Dangerous Type Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
High
GSA_kwCzR0hTQS02OGc1LThxN2YtbTM4NM4AATX5
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
High
GSA_kwCzR0hTQS1oM2NoLTVwcDItdmg2d84AATI3
Improper socket reuse in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
High
GSA_kwCzR0hTQS1qbXZ2LTUyNGYtaGo1as4AASWl
Improper Handling of Exceptional Conditions in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS05aGcyLTM5NWotODNybc4AASV-
Expected Behavior Violation in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
High
GSA_kwCzR0hTQS05Nzg1LXcyMzMteDZods4AASWD
Improper Resource Shutdown or Release in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS0zdngzLXhmNnEtcjV4cM4AAQYR
Exposure of Resource to Wrong Sphere in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1oNmM4LXg1cjMtcG04OM3zoQ
Apache Tomcat Unrestricted file upload vulnerability
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS0ycnZmLTMyOWYtcDk5Z83otg
System Property Disclosure in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS13eGNwLWYyYzgteDZ4ds3opg
Observable Discrepancy in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS04aDJxLXFtOXgtNTVqY83dwA
Denial of Service in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS0zcDg2LXhncnEtbTZwNs3c3Q
Improper Neutralization of Input During Web Page Generation in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS13NnE3LXd3MngtN2dtM83WcA
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS04d2NoLTlnY2ctdjJwcs3KCQ
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1oamZoLTdjNHYtN3E4aM3KAw
Improper Authentication in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1oaGpnLWc4eHEtaGhyM83CSQ
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1qNzg4LWZ4NTctOTl3cM3CQg
Cross-site scripting in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS13MjI3LXhjZngtM3BqOM3BjA
Exposure of Sensitive Information in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1xNzR4LXFxaHItZjhyeM2y9Q
Apache Tomcat Cross-site scripting (XSS) vulnerability
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1xcmo0LXJtcWctNGhjcM2skg
Apache Tomcat Does Not Properly Handle Empty Requests
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Low
GSA_kwCzR0hTQS12NXAyLXZnM2MtcG1ycs2psg
Apache Tomcat Path Traversal Vulnerability
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1jd3c0LXZqNXItcng1N82pTQ
Exposure of Sensitive Information in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1nNzdnLXZqam0teDgzas2nEw
Apache Tomcat Example Application CSRF and XSS Vulnerabilities
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS0zNmhwLTR4M2ctcGhyZ82iLg
Apache Tomcat's CookieExample Vulnerable to XSS
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS13andyLTNqY2gtNDc5as2iKg
Apache Tomcat SendMailServlet XSS
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS02ajhmLTY2dmgtMzltas2iMA
Apache Tomcat Mishandles Character Sequence in Cookies
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1xZmY4LWc0OGotcHdwd82iMw
Apache Tomcat treats single quotes as delimiters in cookies
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1oYzM5LXJqd3AtcWZmcc2eqg
Apache Tomcat XSS Vulnerabilities in Examples Web Application
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Low
GSA_kwCzR0hTQS14bWM5LTZwNTYtM2M0ds2ajQ
Apache Tomcat XSS In Accept-Language Headers
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS00cHJoLWdxdzgtcmdoNc2XRQ
Apache Tomcat Directory Traversal
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1wbTc4LXd4eGYtZnc5OM2Vdg
Cross-site scripting in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
High
GSA_kwCzR0hTQS1xcmN4LXA0cnItZzQ4aM17Cw
Apache Tomcat allows remote attackers to read JSP source files
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS14ODlyLTJ3anEtbWo3eM16gg
Apache Tomcat Discloses MS-DOS Pathname
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Low
GSA_kwCzR0hTQS1xaHF2LXE0eGctZjZnN811Cg
Apache Tomcat AJP Connector Information Leak
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1mMmdxLXA2cXYtY2N3NM1xPA
Tomcat Vulnerable to Web Cache Poisoning
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS01OGhqLTU3NWctNWoyNc1eeQ
Apache Tomcat allows webmasters to insert xss into error messages
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS00Z3I5LTk5ajMtdnF4ds1bag
Apache Tomcat Directory Traversal
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1xZzRnLTZqY3Etcnc5M81Z2w
Jakarta Apache Tomcat Reveals Physical Paths
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS03d2oyLTQ4YzQtMjY4NM1Egg
Apache Tomcat Denial of Service vulnerability in the Catalina package
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS01aGdtLXFtNW0tNXZtd81B2g
Jakarta Tomcat cross-site scripting (XSS) vulnerability
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1xZncyLXd2cnctbXZ3NM1B1Q
Jakarta Tomcat Directory Listing vulnerability
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS13OTd4LXhmeGYtZjl4as1B1g
Jakarta Tomcat Denial of Service vulnerability
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: over 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdjNTgtdjhoMy14Mmdy
Incorrect Default Permissions in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUzaHAtanB3cS0yamdx
Uncontrolled Resource Consumption in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW03anYtaHE3aC1tcTdj
Infinite Loop in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZmNzctOGg3Zy1nZ2hw
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: almost 2 years ago
High
GSA_kwCzR0hTQS05ZjNqLXBtNmYtOWZtNc0nLg
Race condition in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: almost 2 years ago
High
GSA_kwCzR0hTQS13cGg3LXg1MjctdzNoNc0WkQ
Missing Release of Resource after Effective Lifetime in Apache Tomcat
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: about 2 years ago
High
GSA_kwCzR0hTQS01OWc5LTdnZngtYzcycM0V1g
Infinite loop in Tomcat due to parsing error
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Published: about 2 years ago
Filter by Package
org.jenkins-ci.main:jenkins-core 170 org.apache.tomcat:tomcat 106 com.fasterxml.jackson.core:jackson-databind 70 org.apache.struts:struts2-core 48 org.keycloak:keycloak-core 45 com.thoughtworks.xstream:xstream 37 net.mingsoft:ms-mcms 32 org.elasticsearch:elasticsearch 29 org.xwiki.platform:xwiki-platform-oldcore 29 com.liferay.portal:release.portal.bom 27 io.undertow:undertow-core 26 org.keycloak:keycloak-parent 25 org.springframework:spring-core 23 org.jenkins-ci.plugins:script-security 22 org.apache.nifi:nifi 22 org.eclipse.jetty:jetty-server 22 org.apache.tomcat.embed:tomcat-embed-core 22 org.apache.openmeetings:openmeetings-parent 21 org.apache.solr:solr-core 21 org.springframework.security:spring-security-core 21 org.apache.activemq:activemq-client 18 com.vaadin:vaadin-bom 18 org.xwiki.platform:xwiki-platform-web-templates 17 org.bouncycastle:bcprov-jdk14 17 org.apache.geode:geode-core 17 org.bouncycastle:bcprov-jdk15 15 org.apache.jspwiki:jspwiki-main 15 org.keycloak:keycloak-services 15 org.xwiki.platform:xwiki-platform-web 14 org.apache.dubbo:dubbo 14 org.apache.hadoop:hadoop-main 13 org.apache.cxf:cxf 13 com.vaadin:flow-server 12 org.jenkins-ci.plugins:git 11 org.apache.hadoop:hadoop-common 11 org.apache.inlong:manager-pojo 11 org.jeecgframework.boot:jeecg-boot-parent 11 org.apache.jspwiki:jspwiki-war 11 org.apache.tika:tika-core 11 org.apache.ranger:ranger 11 org.jenkins-ci.plugins.workflow:workflow-cps 10 org.apache.camel:camel-core 10 org.apache.inlong:manager-service 10 org.apache.cxf:cxf-core 10 org.jenkins-ci.plugins.workflow:workflow-cps-global-lib 10 org.jboss.netty:netty 10 io.netty:netty 10 com.xuxueli:xxl-job 9 org.springframework:spring-webmvc 9 org.opennms:opennms 9 org.apache.commons:commons-compress 9 org.igniterealtime.openfire:parent 9 com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer 9 org.apache.tapestry:tapestry-core 9 org.craftercms:crafter-studio 9 org.apache.xmlgraphics:batik 9 org.mortbay.jetty:jetty 9 io.jenkins:configuration-as-code 9 org.apache.hive:hive 9 org.opencrx:opencrx-core-models 9 org.webjars.npm:jquery 9 jquery-rails 9 org.jenkins-ci.plugins:electricflow 9 jquery 9 org.apache.tomcat:tomcat-catalina 9 org.apache.james:james-server 9 org.apache.zeppelin:zeppelin 8 org.jenkins-ci.plugins:email-ext 8 org.jeecgframework.boot:jeecg-boot-common 8 org.apache.santuario:xmlsec 8 io.jenkins.blueocean:blueocean 8 org.apache.shiro:shiro-core 8 mysql:mysql-connector-java 8 org.apache.pdfbox:pdfbox 8 jquery-ui-rails 8 org.webjars.npm:jquery-ui 8 jQuery.UI.Combined 8 jquery-ui 8 org.apache.hive:hive-exec 8 org.yaml:snakeyaml 8 org.apache.kylin:kylin 8 org.jenkins-ci.plugins:ec2 7 org.apache.archiva:archiva 7 io.jenkins.plugins:cavisson-ns-nd-integration 7 org.jenkins-ci.plugins:subversion 7 org.apache.inlong:manager-web 7 org.jenkins-ci.plugins:active-directory 7 org.apache.atlas:atlas-common 7 rubygems-update 7 org.jruby:jruby-stdlib 7 org.apache.dolphinscheduler:dolphinscheduler 7 org.postgresql:postgresql 7 com.jflyfox:jflyfox_jfinal 7 org.apache.tika:tika 7 org.apache.poi:poi 7 org.xwiki.platform:xwiki-platform-administration-ui 7 io.dataease:dataease-plugin-common 7 org.apache.httpcomponents:httpclient 7 org.apache.logging.log4j:log4j-core 7 org.bouncycastle:bcprov-jdk15on 7 org.owasp.esapi:esapi 7 org.apache.karaf:apache-karaf 7 io.netty:netty-handler 7 org.jboss.resteasy:resteasy-client 7 org.apache.ozone:ozone-main 7 jQuery 7 net.opentsdb:opentsdb 7 org.apache.spark:spark-core_2.11 7 org.owasp.antisamy:antisamy 7 org.apache.cxf:apache-cxf 7 cn.hutool:hutool-core 7 org.jeecgframework.boot:jeecg-boot-base 7 io.atomix:atomix 7 org.opencms:opencms-core 7 org.apache.hive:hive-service 7 io.jenkins.plugins:miniorange-saml-sp 7 org.apache.ambari:ambari 7 org.apache.syncope:syncope-core 6 cn.hutool:hutool-json 6 tech.powerjob:powerjob 6 org.xwiki.commons:xwiki-commons-xml 6 org.apache.solr:solr-parent 6 org.graylog2:graylog2-server 6 org.csanchez.jenkins.plugins:kubernetes 6 org.apache.mesos:mesos 6 com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger 6 commons-jxpath:commons-jxpath 6 org.opencastproject:opencast-kernel 6 org.apache.linkis:linkis 6 commons-fileupload:commons-fileupload 6 org.apache.derby:derby 6 com.hazelcast:hazelcast 6 org.springframework:spring-web 6 org.springframework.amqp:spring-amqp 6 org.apache.shenyu:shenyu-common 6 org.apache.spark:spark-core_2.10 6 org.apache.storm:storm-core 6 org.jenkins-ci.plugins:repository-connector 6 org.opensearch.plugin:opensearch-security 6 org.apache.inlong:manager-dao 5 log4j:log4j 5 org.zenframework.z8.dependencies.commons:log4j-1.2.17 5 org.jenkins-ci.plugins:artifactory 5 org.jenkins-ci.plugins:config-file-provider 5 org.jenkins-ci.plugins:pipeline-maven 5 com.google.protobuf:protobuf-java 5 org.jenkins-ci.plugins:fortify 5 com.ruoyi:ruoyi 5 org.biouno:uno-choice 5 org.wildfly:wildfly-parent 5 org.jenkinsci.plugins:octoperf 5 com.xebialabs.deployit.ci:deployit-plugin 5 org.jenkins-ci.plugins:ghprb 5 org.jenkins-ci.plugins:google-compute-engine 5 org.jenkins-ci.plugins:gitlab-oauth 5 com.datapipe.jenkins.plugins:hashicorp-vault-plugin 5 com.synopsys.jenkinsci:ownership 5 xerces:xercesImpl 5 org.jenkins-ci.plugins:extended-choice-parameter 5 org.apache.cassandra:cassandra-all 5 io.vertx:vertx-web 5 io.projectreactor.netty:reactor-netty-http 5 com.fasterxml.woodstox:woodstox-core 5 org.jenkins-ci.plugins:openshift-deployer 5 com.jfinal:jfinal 5 org.jenkins-ci.plugins:rundeck 5 org.neo4j.procedure:apoc 5 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 5 org.dspace:dspace-jspui 5 org.jenkins-ci.plugins:gitlab-plugin 5 org.apache.hadoop:hadoop-client 5 org.jenkins-ci.plugins:ec2-deployment-dashboard 5 org.apache.druid:druid 5 org.opennms:opennms-webapp 5 org.jenkins-ci.plugins:mercurial 5 org.apache.kylin:kylin-server-base 5 info.magnolia:magnolia-core 5 org.jenkins-ci.plugins:mailer 5 org.xwiki.platform:xwiki-platform-flamingo-skin-resources 5 org.jeecgframework.boot:jeecg-boot-base-core 5 com.mabl.integration.jenkins:mabl-integration 5 io.netty:netty-codec-http 5 org.codehaus.jettison:jettison 5 org.apache.ignite:ignite-core 5 com.alibaba:dubbo 5 org.apache.activemq:activemq-parent 5 org.jboss.resteasy:resteasy-bom 5 com.vaadin:vaadin-server 5 org.infinispan:infinispan-core 5 edu.stanford.nlp:stanford-corenlp 5 org.jenkins-ci.plugins:codedx 5 org.apache.axis:axis 5 org.apache.struts:struts2-rest-plugin 4 org.jenkins-ci.plugins:fortify-on-demand-uploader 4 org.springframework.security.oauth:spring-security-oauth2 4 org.restlet.jse:org.restlet 4 pyspark 4 io.jenkins.plugins:warnings-ng 4 aws-iot-device-sdk-v2 4 awsiotsdk 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 org.jenkins-ci.plugins:gogs-webhook 4 org.jenkins-ci.tools:git-parameter 4 org.jenkins-ci.plugins:teamconcert 4 org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki 4 org.jenkins-ci.plugins:hp-application-automation-tools-plugin 4 com.linecorp.armeria:armeria 4 org.yamcs:yamcs 4 com.bstek.ureport:ureport2-core 4 org.jenkins-ci.plugins:support-core 4 org.jenkins-ci.plugins:junit 4 org.jenkins-ci.plugins:cons3rt 4 org.jenkins-ci.plugins:google-login 4 org.jenkins-ci.plugins:coverity 4 org.jenkins-ci.plugins:libvirt-slave 4 org.jenkins-ci.plugins:ansible 4 org.jenkins-ci.plugins:jira 4 org.jenkins-ci.plugins:rapiddeploy-jenkins 4 org.jenkins-ci.plugins:crx-content-package-deployer 4 com.elasticbox.jenkins-ci.plugins:kubernetes-ci 4 org.jenkins-ci.plugins:build-publisher 4 org.jenkins-ci.plugins:ssh 4 org.jenkins-ci.plugins:ci-with-toad-edge 4 com.surenpi.jenkins:phoenix-autotest 4 org.jenkins-ci.plugins:kubernetes-cd 4 org.jenkins-ci.plugins:publish-over-ssh 4 org.jenkins-ci.plugins:requests 4 com.alibaba.nacos:nacos-common 4 com.nimbusds:nimbus-jose-jwt 4 com.h2database:h2 4 io.hawt:project 4 org.jenkins-ci.plugins:reportportal 4 com.compuware.jenkins:compuware-topaz-for-total-test 4 org.jenkins-ci.plugins:katalon 4 org.apache.pulsar:pulsar-broker 4 org.jenkins-ci.plugins:deployer-framework 4 net.bull.javamelody:javamelody-core 4 org.xerial.snappy:snappy-java 4 org.opensaml:opensaml 4 org.apache.ws.security:wss4j 4 com.convertigo.jenkins.plugins:convertigo-mobile-platform 4 org.apache.cxf.fediz:fediz-spring2 4 org.jolokia:jolokia-core 4 org.apache.zookeeper:zookeeper 4 org.wildfly.security:wildfly-elytron 4 org.apache.thrift:libthrift 4 org.jenkins-ci.plugins:matrix-project 4 org.drools:drools-core 4 org.apache.struts:struts2-parent 4 org.rundeck:rundeck 4 io.jenkins.plugins:macstadium-orka 4 org.jenkins-ci.plugins:jira-steps 4 org.jvnet.hudson.plugins:storable-configs-plugin 4 io.swagger:swagger-codegen 4 org.apache.inlong:inlong 4 org.jenkins-ci.plugins.m2release:m2release 4 org.xwiki.platform:xwiki-platform-attachment-ui 4 org.apache.pulsar:pulsar 4 org.jenkins-ci.plugins:p4 4 com.itextpdf:itext7-core 4 org.jenkins-ci.plugins:tfs 4 org.apache.storm:storm 4 hudson.plugins:project-inheritance 4 org.opencastproject:opencast-common 4 com.typesafe.play:play_2.12 4 org.apache.cxf:cxf-rt-frontend-jaxrs 4 org.jenkins-ci.plugins:azure-ad 4 org.apache.any23:apache-any23 4 org.xwiki.platform:xwiki-platform-livetable-ui 4 org.apache.struts:struts-core 4 org.directwebremoting:dwr 4 org.apache.sling:org.apache.sling.servlets.post 4 io.ratpack:ratpack-core 4 com.epam.reportportal:service-api 4 org.xwiki.platform:xwiki-platform-flamingo-theme-ui 4 com.typesafe.play:play 4 org.apache.kafka:kafka 4 org.apache.ant:ant 4 org.jenkins-ci.plugins:credentials 4 org.apache.qpid:qpid-broker 4 org.jenkins-ci.plugins:wso2id-oauth 4 org.apache.olingo:odata-client-core 3 org.apache.ivy:ivy 3 org.apache.qpid:proton-j 3 io.vertx:vertx-core 3 org.apache.spark:spark-core 3 org.springframework.data:spring-data-commons 3 org.jenkins-ci.plugins:autocomplete-parameter 3 org.apache.tika:tika-parsers 3 com.ctrip.framework.apollo:apollo 3 org.jenkins-ci.plugins:cloudbees-jenkins-advisor 3 net.sf.mpxj:mpxj 3 org.jenkins-ci.plugins:elastest 3 org.jenkins-ci.plugins:zephyr-for-jira-test-management 3 io.apiman:apiman-manager-api-rest-impl 3 org.jenkins-ci.plugins:delphix 3 org.xwiki.platform:xwiki-platform-rest-server 3 org.apache.xmlrpc:xmlrpc 3 org.apache.shenyu:shenyu-admin 3 org.jenkins-ci.plugins:azure-credentials 3