Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

maven

org.apache.tomcat.embed:tomcat-embed-core

maven

Core Tomcat implementation

View on repo1.maven.org

Security Advisories for org.apache.tomcat.embed:tomcat-embed-core in maven

Moderate
4 months ago

Apache Tomcat - Security constraint bypass for pre/post-resources GSA_kwCzR0hTQS13YzRyLXhxM2MtNWNmM84ABJET

maven org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat-catalina
High
4 months ago

Apache Tomcat - DoS in multipart upload GSA_kwCzR0hTQS1oM2djLXFmcXEtNmg4Zs4ABJER

maven org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat-catalina
Low
4 months ago

Apache Tomcat - CGI security constraint bypass GSA_kwCzR0hTQS1oMmZ3LXJmaDUtOTVyM84ABIft

maven org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat-catalina
Moderate
11 months ago

Apache Tomcat Request and/or response mix-up GSA_kwCzR0hTQS1xdmY1LWh2angtd20yN84ABBdF

maven org.apache.tomcat:tomcat-coyote, org.apache.tomcat.embed:tomcat-embed-core
High
over 1 year ago

Apache Tomcat - Denial of Service GSA_kwCzR0hTQS13bTl3LXJqajMtajM1Ns4AA9gV

maven org.apache.tomcat:tomcat-coyote, org.apache.tomcat.embed:tomcat-embed-core
Moderate
over 1 year ago

Apache Tomcat Denial of Service due to improper input validation vulnerability for HTTP/2 requests GSA_kwCzR0hTQS03dzc1LTMyY2ctcjZnMs4AA5-Y

maven org.apache.tomcat.embed:tomcat-embed-core
Moderate
over 1 year ago

Apache Tomcat vulnerable to Generation of Error Message Containing Sensitive Information GSA_kwCzR0hTQS1mNHFmLW01Z2YtOGptOM4AA4kQ

maven org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat-coyote
Moderate
about 2 years ago

Apache Tomcat Open Redirect vulnerability GSA_kwCzR0hTQS1xM213LXB2cjgtOWdnY84AA1gl

maven org.apache.tomcat.embed:tomcat-embed-core
High
about 2 years ago

Apache Tomcat - Fix for CVE-2023-24998 was incomplete GSA_kwCzR0hTQS1jeDZoLTg2eHctOXgzNM4AA0cs

maven org.apache.tomcat:tomcat-coyote, org.apache.tomcat.embed:tomcat-embed-core
High
over 2 years ago

Apache Tomcat vulnerable to information leak GSA_kwCzR0hTQS1tcHB2LTc5Y2gtdnc2cc4AAz98

maven org.apache.tomcat:tomcat-coyote, org.apache.tomcat.embed:tomcat-embed-core
High
over 2 years ago

Apache Tomcat improperly escapes input from JsonErrorReportValve GSA_kwCzR0hTQS1ycTJ3LTM3aDktdmc5NM4AAwuy

maven org.apache.tomcat:tomcat-util, org.apache.tomcat:tomcat-catalina, org.apache.tomcat.embed:tomcat-embed-core
High
almost 3 years ago

Apache Tomcat may reject request containing invalid Content-Length header GSA_kwCzR0hTQS1wMjJ4LWc5cHgtMzk0Nc4AAvm5

maven org.apache.tomcat:tomcat-coyote, org.apache.tomcat.embed:tomcat-embed-core
Moderate
over 3 years ago

Denial of service in Apache Tomcat GSA_kwCzR0hTQS13ZjV2LWpoeGotcTYzMs4AAYNe

maven org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat-coyote
Critical
over 3 years ago

Expected Behavior Violation in Apache Tomcat GSA_kwCzR0hTQS05aGcyLTM5NWotODNybc4AASV-

maven org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat-coyote
Critical
over 3 years ago

Exposure of Resource to Wrong Sphere in Apache Tomcat GSA_kwCzR0hTQS0zdngzLXhmNnEtcjV4cM4AAQYR

maven org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat-catalina
Moderate
over 3 years ago

Apache Tomcat Cross-site scripting (XSS) vulnerability GSA_kwCzR0hTQS1mOThwLTlwcDYtN3E2Y821nA

maven org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat
High
over 4 years ago

Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWozOWMtYzhoai14NGoz

maven org.apache.tomcat.embed:tomcat-embed-core
Moderate
over 4 years ago

Information Disclosure in Apache Tomcat MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJydnYtdzlyMi1yZzdt

maven org.apache.tomcat.embed:tomcat-embed-core
High
over 4 years ago

Potential remote code execution in Apache Tomcat MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpnd3ItM3FtMy0yNmYz

maven org.apache.tomcat.embed:tomcat-embed-core
Critical
over 5 years ago

Improper Privilege Management in Tomcat MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM5aHctd2Y3eC1qcDlq

maven org.apache.tomcat.embed:tomcat-embed-core
High
over 5 years ago

Apache Tomcat Denial of Service vulnerability MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFjeGgtdzNqOS01OHFy

maven org.apache.tomcat.embed:tomcat-embed-core
Moderate
over 5 years ago

Potential HTTP request smuggling in Apache Tomcat MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc2N2otamZoMi1qdnJj

maven org.apache.tomcat:tomcat, org.apache.tomcat.embed:tomcat-embed-core
Moderate
over 5 years ago

Potential HTTP request smuggling in Apache Tomcat MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF4ZjQtY2h2Zy00cjhy

maven org.apache.tomcat:tomcat, org.apache.tomcat.embed:tomcat-embed-core
High
almost 6 years ago

Insufficiently Protected Credentials in Apache Tomcat MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhoM2oteDRtYy1nNDhy

maven org.apache.tomcat.embed:tomcat-embed-core
High
almost 6 years ago

In Apache Tomcat, when using FORM authentication there was a narrow window where an attacker could perform a session fixation attack MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl4Y2otYzhjci04YzNj

maven org.apache.tomcat.embed:tomcat-embed-core
High
over 6 years ago

Improper Locking in Apache Tomcat MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0aGctcm1xMi01MnE5

maven org.apache.tomcat.embed:tomcat-embed-core
Moderate
over 6 years ago

Cross-site scripting in Apache Tomcat MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpqcHEtZ3A1cS04cTZ3

maven org.apache.tomcat.embed:tomcat-embed-core
High
over 6 years ago

Apache Tomcat OS Command Injection vulnerability MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh2bXgtcW1jaC1tcHFn

maven org.apache.tomcat.embed:tomcat-embed-core
Moderate
almost 7 years ago

Apache Tomcat Race Condition vulnerability MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ2NTItbWo1ci03ajJt

maven org.apache.tomcat.embed:tomcat-embed-core
High
almost 7 years ago

The host name verification missing in Apache Tomcat MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ2ajMtcjRwai00ODM1

maven org.apache.tomcat.embed:tomcat-embed-core
Critical
almost 7 years ago

The defaults settings for the CORS filter provided in Apache Tomcat are insecure and enable 'supportsCredentials' for all origins MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI0eDItM2NxNS1ocXZw

maven org.apache.tomcat.embed:tomcat-embed-core
High
almost 7 years ago

In Apache Tomcat there is an improper handing of overflow in the UTF-8 decoder MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW01OWMtanBjOC1tMng0

maven org.apache.tomcat.embed:tomcat-embed-core
Moderate
almost 7 years ago

Apache Tomcat information exposure vulnerability MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp4NmgtM2ZqeC1jZ3Y1

maven org.apache.tomcat.embed:tomcat-embed-core
Moderate
almost 7 years ago

Apache Tomcat unauthorized access vulnerability MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZyeGotNThqaC00MzZy

maven org.apache.tomcat.embed:tomcat-embed-core
Moderate
almost 7 years ago

Apache Tomcat Open Redirect vulnerability MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVxOTktZjM0bS02N2dj

maven org.apache.tomcat.embed:tomcat-embed-core
High
almost 7 years ago

When running Apache Tomcat on Windows with HTTP PUTs enabled it was possible to upload a JSP file to the server MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBqZnItcWYzcC0zcTI1

maven org.apache.tomcat.embed:tomcat-embed-core

Filter by Severity

High 16 Moderate 15 Critical 4 Low 1