Package impact
MAVEN / org.apache.tomcat:tomcat-catalina
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-9484 | high | — | 8.0 | 6y ago | Potential remote code execution in Apache Tomcat | |||
| CVE-2026-43513 | high | 7.5 | 7.5 | 17d ago | Apache Tomcat: LockOutRealm treats user names as case-sensitive | |||
| CVE-2026-41284 | high | 7.5 | 7.5 | 17d ago | Apache Tomcat: Unbounded read in WebDAV LOCK and PROPFIND handling | |||
| CVE-2025-55752 | high | 7.5 | 7.5 | 6mo ago | Apache Tomcat Vulnerable to Relative Path Traversal | |||
| CVE-2026-42498 | high | 7.3 | 7.3 | 17d ago | Apache Tomcat - WebSocket authentication header exposure |