Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
maven org.apache.tomcat:tomcat Security Advisories
Loading...
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: 3 months ago
GSA_kwCzR0hTQS1mNHFmLW01Z2YtOGptOM4AA4kQ
Apache Tomcat vulnerable to Generation of Error Message Containing Sensitive InformationEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: 3 months ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: 7 months ago
GSA_kwCzR0hTQS1yNmozLXB4NWctY3EzeM4AA2X8
Apache Tomcat Improper Input Validation vulnerabilityEcosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: 7 months ago
Moderate
Ecosystems: maven, swift, go
Packages: com.typesafe.akka:akka-http-core_2.11, com.typesafe.akka:akka-http-core_2.12, com.typesafe.akka:akka-http-core_2.13, com.typesafe.akka:akka-http-core, org.eclipse.jetty.http2:jetty-http2-server, org.eclipse.jetty.http2:jetty-http2-common, org.eclipse.jetty.http2:http2-server, org.eclipse.jetty.http2:http2-common, github.com/apple/swift-nio-http2, org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat, google.golang.org/grpc, golang.org/x/net
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: 7 months ago
GSA_kwCzR0hTQS1xcHBqLWZtNXItaHhyM84AA2X2
HTTP/2 Stream Cancellation AttackEcosystems: maven, swift, go
Packages: com.typesafe.akka:akka-http-core_2.11, com.typesafe.akka:akka-http-core_2.12, com.typesafe.akka:akka-http-core_2.13, com.typesafe.akka:akka-http-core, org.eclipse.jetty.http2:jetty-http2-server, org.eclipse.jetty.http2:jetty-http2-common, org.eclipse.jetty.http2:http2-server, org.eclipse.jetty.http2:http2-common, github.com/apple/swift-nio-http2, org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat, google.golang.org/grpc, golang.org/x/net
Source: GitHub Advisory Database
Blast Radius: 51.8
Published: 7 months ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: 7 months ago
GSA_kwCzR0hTQS1nOHBqLXI1NXEtNWMyds4AA2Wt
Apache Tomcat Incomplete Cleanup vulnerabilityEcosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: 7 months ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: 7 months ago
GSA_kwCzR0hTQS1qbTdtLThqaDYtMjlocM4AA2Wo
Apache Tomcat Incomplete Cleanup vulnerabilityEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: 7 months ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: 8 months ago
GSA_kwCzR0hTQS1xM213LXB2cjgtOWdnY84AA1gl
Apache Tomcat Open Redirect vulnerabilityEcosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: 8 months ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: 10 months ago
GSA_kwCzR0hTQS1jeDZoLTg2eHctOXgzNM4AA0cs
Apache Tomcat - Fix for CVE-2023-24998 was incompleteEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: 10 months ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: 10 months ago
GSA_kwCzR0hTQS1tcHB2LTc5Y2gtdnc2cc4AAz98
Apache Tomcat vulnerable to information leakEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: 10 months ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: over 1 year ago
GSA_kwCzR0hTQS1ycTJ3LTM3aDktdmc5NM4AAwuy
Apache Tomcat improperly escapes input from JsonErrorReportValveEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: over 1 year ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: over 1 year ago
GSA_kwCzR0hTQS1wMjJ4LWc5cHgtMzk0Nc4AAvm5
Apache Tomcat may reject request containing invalid Content-Length headerEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: over 1 year ago
Low
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
GSA_kwCzR0hTQS1qeDdjLTdtajUtOTQzOM4AAvGq
Apache Tomcat Race Condition vulnerabilityEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: over 1 year ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: almost 2 years ago
GSA_kwCzR0hTQS02ajg4LTZ3aGcteDY4N84AAs8s
Cross-site Scripting in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 16.1
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1ycDhoLXZyNDgtNGo4cM4AAfx7
Apache Tomcat Exposes IP Addresses and HTTP Headers of RequestsEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12NmM3LThxeDUtOGdtcM4AAdKG
Deserialization of Untrusted Data in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zcDVyLTdjdzMtMm02N84AAbli
Exposure of Sensitive Information to an Unauthorized Actor in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1yN2M4LWhnaGMtMm1wOM4AAblp
Apache Tomcat Allows Replacing of XML ParserEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12Y2g3LTkydmYtam00NM4AAafm
Apache Tomcat does not follow ServletSecurity annotationsEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0yOGNxLTZybXgtcGpxNM4AAZ9M
Improper Authentication in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1oNmM4LXJnODctZjNwY84AAZEC
Apache Tomcat HTTP BIO Connector Error Discloses Information From Different Requests to Remote UsersEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1qZ20yLW01Y2ctZjY2Z84AAY_0
Authentication Bypass in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03NnZyLTcybXYtbWYzcc4AAY-C
Cross-Site Request Forgery in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05OXJmLTkydjYtY3d4NM4AAY9f
Improper Access Control in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13cjNtLWd3OTgtbWMzas4AAXm8
Improper Input Validation in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1qcmNwLWMzOWgtcjI5eM4AAWoL
Improper Neutralization of Input During Web Page Generation in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: almost 2 years ago
GSA_kwCzR0hTQS13N2NnLTU5NjktNjc4d84AAWoK
Apache Tomcat allows remote attackers to bypass a CSRF protection mechanism by using a tokenEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
GSA_kwCzR0hTQS00M3YyLTZncnAtOXBwOc4AAWOM
Apache Tomcat does not enforce the maxHttpHeaderSize limitEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tZzR2LXJmOHAtZ2hxcc4AAWNQ
Apache Tomcat allows remote attackers to bypass intended access restrictionsEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wMjZ2LTk3dnAtamN4Ns4AAWNP
Access controll bypass in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zeHBqLWpndjUtcTR2ds4AAWNB
Access restriction bypass in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1jNzhnLXF3cHctMmpnds4AAV4l
Improper Neutralization of Input During Web Page Generation in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wdmpoLTdoOHEtcTU2cs4AAV4S
Apache Tomcat has cookies without HTTPOnly flag in Set-Cookie headerEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1ndmdjLXJ4bWgtNWh2d84AAVO9
Apache Tomcat affected by infinite loop in Double.parseDouble method in Java Runtime EnvironmentEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: almost 2 years ago
GSA_kwCzR0hTQS05aGp2LTloNzUteG1wcM4AAT01
Improper Verification of Source of a Communication Channel in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 16.6
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05NzM3LXFtZ2MtaGZyOc4AATy0
Directory Traversal in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1oZmZtLWZxdjQtdzI3cs4AATyq
Improper Authentication in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1jNTdwLTN2MmctdzlyZ84AATyv
Insertion of Sensitive Information into Log File in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05Z2dtLTc4OTcteDRtZ84AATyx
Improper Input Validation in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1jeGcyLTQ5cnEtOGdjcs4AATyr
Apache Tomcat does not properly handle an invalid Transfer-Encoding headerEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS00ZjdoLTlqMngtY21yNM4AATyu
Improper Authentication in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS02Y3I0LTdjN3AtcDN4ds4AATyt
Use of Hard-coded Cryptographic Key in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1xOXhmLWp3cjQtdjQ0Nc4AATyo
Authentication Bypass in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1jMzhtLXY0bTItNTI0ds4AATyn
Apache Tomcat Allows Remote Attackers to Spoof AJP RequestsEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1majZjLXByZ2otZ3Izcs4AATys
Improper Limitation of a Pathname to a Restricted Directory in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1qNDQ4LWo2NTMtcjN2as4AAToT
Apache Tomcat is vulnerable to HTTP request-smugglingEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS02bTQ4LWp4d3gtNzZxN84AAToe
Improper Authentication in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS02Z2pqLWM1bWotNGN2cM4AATod
Improper Input Validation in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13cTJwLXE2NnctcThncM4AATof
Apache Tomcat Denial of Service vulnerabilityEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS04N3c5LXgyYzMtaHJqas4AAToN
Exposure of Sensitive Information to an Unauthorized Actor in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS00NzVmLTc0d3AtcHF2Nc4AATn-
Integer Overflow or Wraparound in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS14aDV4LWo4amYtcGNweM4AATn8
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wcmMzLTdmNDQtdzQ4as4AATn3
Missing XML Validation in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1weGN4LWN4cTgtNG1td84AATn1
Uncontrolled Resource Consumption in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1xcHJ4LXEycjctM3J4Ns4AATn4
Improper Input Validation in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS00MmozLTQ5OHEtbTZ2cM4AATn7
Improper Input Validation in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1tdjQyLXB4NTQtODdqd84AATn6
Improper Access Control in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 23.2
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: almost 2 years ago
GSA_kwCzR0hTQS02dngzLWhyNDMtY2ZyaM4AATnz
Exposure of Sensitive Information to an Unauthorized Actor in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS00YzQzLWN3dngtOWNyaM4AATn2
Improper Access Control in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
GSA_kwCzR0hTQS02OThjLTJ4NGotZzlncc4AAToE
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: almost 2 years ago
GSA_kwCzR0hTQS02cXI2LXg3am0teDJxNs4AATn5
Improper Limitation of a Pathname to a Restricted Directory in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
GSA_kwCzR0hTQS13M2o1LXE4ZjItM2Nxcc4AATnx
Concurrent Execution using Shared Resource with Improper Synchronization in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1yaDhxLXZqZ2YtZ2Y3NM4AATn9
Improper Limitation of a Pathname to a Restricted Directory in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
GSA_kwCzR0hTQS0zZ3Y3LTNoNjQtNzhjbc4AATny
Exposure of Sensitive Information to an Unauthorized Actor in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
GSA_kwCzR0hTQS1mandwLXI2Zm0tcTZxd84AAToC
Apache Tomcat allows remote attackers to read data that was intended to be associated with a different requestEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zNzJxLTMzdmgtOG1wY84AAToA
Inconsistent documentation in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: almost 2 years ago
GSA_kwCzR0hTQS03M3J4LTNmOXIteDk0Oc4AATnv
Insufficient Verification of Data Authenticity in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 11.4
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: almost 2 years ago
GSA_kwCzR0hTQS14amdoLTg0aHgtNTZjNc4AATjr
Unrestricted Upload of File with Dangerous Type Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 21.4
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
GSA_kwCzR0hTQS02OGc1LThxN2YtbTM4NM4AATX5
Improper Limitation of a Pathname to a Restricted Directory in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 2 years ago
GSA_kwCzR0hTQS1oM2NoLTVwcDItdmg2d84AATI3
Improper socket reuse in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
GSA_kwCzR0hTQS1qbXZ2LTUyNGYtaGo1as4AASWl
Improper Handling of Exceptional Conditions in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
GSA_kwCzR0hTQS05Nzg1LXcyMzMteDZods4AASWD
Improper Resource Shutdown or Release in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1oNmM4LXg1cjMtcG04OM3zoQ
Apache Tomcat Unrestricted file upload vulnerabilityEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
GSA_kwCzR0hTQS0zbWpwLXA5MzgtNDMyOc3ong
Apache Tomcat vulnerable to SecurityManager bypassEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0ycnZmLTMyOWYtcDk5Z83otg
System Property Disclosure in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
GSA_kwCzR0hTQS1xNng3LWYzM3ItM3d4eM3osg
Incorrect Authorization in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: almost 2 years ago
GSA_kwCzR0hTQS13eGNwLWYyYzgteDZ4ds3opg
Observable Discrepancy in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: almost 2 years ago
High
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
GSA_kwCzR0hTQS1yODRwLTg4ZzItMnZ4Ms3l_Q
Apache Tomcat EncryptInterceptor error leads to Uncontrolled Resource ConsumptionEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 19.8
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS04aDJxLXFtOXgtNTVqY83dwA
Denial of Service in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zcDg2LXhncnEtbTZwNs3c3Q
Improper Neutralization of Input During Web Page Generation in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13NnE3LXd3MngtN2dtM83WcA
Exposure of Sensitive Information to an Unauthorized Actor in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1mN3c3LTZwamMtd3dtNs3Mhg
Apache Tomcat affected by vulnerability in TLS and SSL protocolEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS04d2NoLTlnY2ctdjJwcs3KCQ
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1oamZoLTdjNHYtN3E4aM3KAw
Improper Authentication in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1nZ3g5LTQ3MjgtNTg4cs3JTg
Apache Tomcat Directory Traversal vulnerabilityEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: almost 2 years ago
GSA_kwCzR0hTQS1oaGpnLWc4eHEtaGhyM83CSQ
Exposure of Sensitive Information to an Unauthorized Actor in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1qNzg4LWZ4NTctOTl3cM3CQg
Cross-site scripting in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13MjI3LXhjZngtM3BqOM3BjA
Exposure of Sensitive Information in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01Y3c0LWdneDktMzZ2Z82_fQ
Apache Tomcat Denial of Service via Malformed Request HeadersEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03ZzU5LWhtOHYtY3dtY82-SA
Apache Tomcat information disclosure vulnerabilityEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tN3hqLWNjcWMtcDRnMs25Vg
Apache Tomcat Directory Traversal vulnerabilityEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tOGg4LTZydmctZjRtZ823Mw
Apache Tomcat Path Traversal VulnerabilityEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1mOThwLTlwcDYtN3E2Y821nA
Apache Tomcat Cross-site scripting (XSS) vulnerabilityEcosystems: maven
Packages: org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1xNzR4LXFxaHItZjhyeM2y9Q
Apache Tomcat Cross-site scripting (XSS) vulnerabilityEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01eDVmLTlyNnEtcTdtaM2uaw
Apache Tomcat Sensitive Information DisclosureEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1xcmo0LXJtcWctNGhjcM2skg
Apache Tomcat Does Not Properly Handle Empty RequestsEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Low
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12NXAyLXZnM2MtcG1ycs2psg
Apache Tomcat Path Traversal VulnerabilityEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1jd3c0LXZqNXItcng1N82pTQ
Exposure of Sensitive Information in Apache TomcatEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1nNzdnLXZqam0teDgzas2nEw
Apache Tomcat Example Application CSRF and XSS VulnerabilitiesEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zNmhwLTR4M2ctcGhyZ82iLg
Apache Tomcat's CookieExample Vulnerable to XSSEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13andyLTNqY2gtNDc5as2iKg
Apache Tomcat SendMailServlet XSSEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1xZmY4LWc0OGotcHdwd82iMw
Apache Tomcat treats single quotes as delimiters in cookiesEcosystems: maven
Packages: org.apache.tomcat:tomcat
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Statistics
Advisories: 17,583
Packages: 8,150
Repositories: 7
Ecosystems: 12
Packages: 8,150
Repositories: 7
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
org.jenkins-ci.main:jenkins-core
189
org.apache.tomcat:tomcat
139
com.fasterxml.jackson.core:jackson-databind
69
org.apache.struts:struts2-core
55
com.liferay.portal:release.portal.bom
45
org.keycloak:keycloak-core
45
com.thoughtworks.xstream:xstream
36
com.jfinal:jfinal
36
net.mingsoft:ms-mcms
35
org.xwiki.platform:xwiki-platform-oldcore
34
org.elasticsearch:elasticsearch
32
org.apache.tomcat.embed:tomcat-embed-core
32
org.jenkins-ci.plugins:script-security
30
io.undertow:undertow-core
27
org.keycloak:keycloak-services
27
org.keycloak:keycloak-parent
25
org.apache.solr:solr-core
25
org.springframework.security:spring-security-core
23
org.eclipse.jetty:jetty-server
23
org.apache.nifi:nifi
22
org.apache.openmeetings:openmeetings-parent
21
org.cloudfoundry.identity:cloudfoundry-identity-server
20
org.springframework:spring-core
19
com.liferay.portal:release.dxp.bom
18
org.bouncycastle:bcprov-jdk14
18
com.vaadin:vaadin-bom
18
org.apache.geode:geode-core
17
org.xwiki.platform:xwiki-platform-web-templates
17
org.bouncycastle:bcprov-jdk15
16
org.apache.dubbo:dubbo
16
org.apache.activemq:activemq-client
16
org.apache.jspwiki:jspwiki-main
15
org.apache.struts.xwork:xwork-core
15
org.xwiki.platform:xwiki-platform-web
14
org.apache.cxf:cxf
13
org.apache.hadoop:hadoop-main
13
org.apache.inlong:manager-pojo
13
org.jenkins-ci.plugins.workflow:workflow-cps
12
org.jenkins-ci.plugins:git
12
org.apache.dolphinscheduler:dolphinscheduler
12
com.vaadin:flow-server
12
org.apache.hadoop:hadoop-common
11
org.jeecgframework.boot:jeecg-boot-common
11
org.apache.james:james-server
11
org.apache.ranger:ranger
11
org.mortbay.jetty:jetty
11
org.apache.commons:commons-compress
11
org.igniterealtime.openfire:parent
11
org.jeecgframework.boot:jeecg-boot-parent
11
com.xuxueli:xxl-job
11
org.apache.tika:tika-core
11
org.apache.jspwiki:jspwiki-war
11
org.apache.camel:camel-core
11
org.jenkins-ci.plugins:email-ext
11
org.apache.cxf:cxf-core
11
io.netty:netty
10
org.jboss.netty:netty
10
org.jenkins-ci.plugins.workflow:workflow-cps-global-lib
10
org.xwiki.platform:xwiki-platform-administration-ui
10
org.apache.inlong:manager-service
10
org.apache.hive:hive
9
org.craftercms:crafter-studio
9
org.apache.archiva:archiva
9
org.jenkins-ci.plugins:config-file-provider
9
org.bouncycastle:bcprov-jdk15on
9
org.apache.xmlgraphics:batik
9
org.webjars.npm:jquery
9
cn.hutool:hutool-core
9
org.jenkins-ci.plugins:active-directory
9
org.jenkins-ci.plugins:electricflow
9
io.jenkins:configuration-as-code
9
org.opennms:opennms
9
com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer
9
org.springframework:spring-webmvc
9
jquery
9
org.opencrx:opencrx-core-models
9
org.apache.tapestry:tapestry-core
9
org.apache.shiro:shiro-core
9
jquery-rails
9
org.apache.santuario:xmlsec
8
org.apache.ambari:ambari
8
org.jenkins-ci.plugins:ec2
8
com.hazelcast:hazelcast
8
jQuery
8
org.apache.hive:hive-exec
8
io.jenkins.blueocean:blueocean
8
org.opencms:opencms-core
8
org.graylog2:graylog2-server
8
org.apache.pdfbox:pdfbox
8
org.yaml:snakeyaml
8
org.apache.zeppelin:zeppelin
8
org.apache.kylin:kylin
8
org.springframework:spring-web
8
org.postgresql:postgresql
8
org.apache.ozone:ozone-main
8
org.apache.tomcat:tomcat-catalina
8
mysql:mysql-connector-java
8
org.jenkins-ci.plugins:artifactory
7
org.apache.hive:hive-service
7
io.jenkins.plugins:warnings-ng
7
org.owasp.esapi:esapi
7
org.apache.cxf:apache-cxf
7
org.apache.derby:derby
7
jQuery.UI.Combined
7
io.jenkins.plugins:miniorange-saml-sp
7
org.webjars.npm:jquery-ui
7
org.owasp.antisamy:antisamy
7
jquery-ui-rails
7
jquery-ui
7
org.apache.inlong:manager-web
7
org.jenkins-ci.plugins:subversion
7
org.silverpeas.core:silverpeas-core-web
7
org.apache.spark:spark-core_2.11
7
org.jboss.resteasy:resteasy-client
7
org.apache.tika:tika
7
org.jenkins-ci.plugins:jobConfigHistory
7
org.jenkins-ci.plugins:mercurial
7
org.jenkins-ci.plugins:rundeck
7
org.apache.atlas:atlas-common
7
org.jenkins-ci.plugins:openshift-deployer
7
org.apache.logging.log4j:log4j-core
7
org.apache.poi:poi
7
rubygems-update
7
org.jruby:jruby-stdlib
7
org.apache.activemq:activemq-parent
7
org.apache.karaf:apache-karaf
7
io.atomix:atomix
7
org.jeecgframework.boot:jeecg-boot-base
7
io.dataease:dataease-plugin-common
7
net.opentsdb:opentsdb
7
io.jenkins.plugins:cavisson-ns-nd-integration
7
org.apache.tomcat:tomcat-coyote
7
org.apache.linkis:linkis
7
org.apache.shenyu:shenyu-common
6
org.jenkins-ci.plugins:repository-connector
6
hudson.plugins:project-inheritance
6
commons-fileupload:commons-fileupload
6
org.apache.axis:axis
6
axis:axis
6
io.netty:netty-codec-http
6
org.xwiki.commons:xwiki-commons-xml
6
com.jflyfox:jflyfox_jfinal
6
org.opencastproject:opencast-kernel
6
org.csanchez.jenkins.plugins:kubernetes
6
de.tum.in.ase:artemis-java-test-sandbox
6
org.opensearch.plugin:opensearch-security
6
io.netty:netty-handler
6
org.apache.httpcomponents:httpclient
6
org.jenkins-ci.plugins:ec2-deployment-dashboard
6
com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger
6
org.apache.mesos:mesos
6
org.apache.solr:solr-parent
6
org.jenkins-ci.plugins:azure-vm-agents
6
org.apache.pulsar:pulsar-broker
6
org.jenkins-ci.plugins:fortify-on-demand-uploader
6
org.apache.struts:struts2-rest-plugin
6
org.jenkins-ci.plugins:gitlab-oauth
6
com.xebialabs.deployit.ci:deployit-plugin
6
tech.powerjob:powerjob
6
cn.hutool:hutool-json
6
org.apache.syncope:syncope-core
6
org.apache.storm:storm-core
6
org.jenkins-ci.plugins:pipeline-maven
6
org.apache.spark:spark-core_2.10
6
org.jenkins-ci.plugins:ghprb
5
org.apache.zeppelin:zeppelin-server
5
org.apache.cassandra:cassandra-all
5
org.xwiki.platform:xwiki-platform-flamingo-skin-resources
5
org.jboss.resteasy:resteasy-bom
5
org.opennms:opennms-webapp
5
org.jenkins-ci.plugins:azure-ad
5
org.jenkins-ci.plugins:sinatra-chef-builder
5
com.coravy.hudson.plugins.github:github
5
org.jenkins-ci.plugins:openid
5
com.nimbusds:nimbus-jose-jwt
5
org.jenkins-ci.plugins:fortify
5
org.apache.inlong:manager-dao
5
org.apache.ignite:ignite-core
5
org.codehaus.jettison:jettison
5
io.vertx:vertx-web
5
com.google.protobuf:protobuf-java
5
org.jenkins-ci.plugins:scriptler
5
org.jenkins-ci.plugins:websphere-deployer
5
org.jenkins-ci.plugins:mailer
5
com.mabl.integration.jenkins:mabl-integration
5
log4j:log4j
5
info.magnolia:magnolia-core
5
org.zenframework.z8.dependencies.commons:log4j-1.2.17
5
com.vaadin:vaadin-server
5
org.apache.hadoop:hadoop-client
5
com.alibaba:dubbo
5
org.springframework.amqp:spring-amqp
5
org.jenkins-ci.plugins:publish-over-ssh
5
org.springframework.security.oauth:spring-security-oauth2
5
org.jenkins-ci.plugins.m2release:m2release
5
org.apache.druid:druid
5
org.jenkins-ci.plugins:htmlpublisher
5
org.jenkins-ci.plugins:credentials
5
org.bouncycastle:bcprov-ext-jdk15on
5
org.dspace:dspace-jspui
5