VIR Vulnerability Intelligence Relay

Package impact

java Maven / org.apache.tomcat:tomcat

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2009-3555 critical 9.8 10.0 17y ago Apache Tomcat affected by vulnerability in TLS and SSL protocol debianubuntufedorajava+4
CVE-2026-43512 critical 9.8 9.8 16d ago Apache Tomcat - Digest authenticator will authenticate any unknown user susedebianjavaapache
CVE-2026-41293 critical 9.8 9.8 16d ago Apache Tomcat - HTTP/2 request headers not validated susedebianjavaapache
CVE-2025-55754 critical 9.6 9.6 10d ago Apache Tomcat Vulnerable to Improper Neutralization of Escape, Meta, or Control Sequences redhatsusedebianjava+1
CVE-2026-29145 critical 9.5 2mo ago Apache Tomcat: CLIENT_CERT authentication does not fail as expected susedebianjava
CVE-2026-43515 critical 9.1 9.1 16d ago Apache Tomcat - Security constraints not correctly applied susedebianjavaapache
CVE-2026-43514 low 3.7 3.7 16d ago Apache Tomcat - AJP secret compared in non-constant time susedebianjavaapache
CVE-2013-2071 low 2.6 13y ago Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat javaapache
CVE-2010-1157 low 2.6 16y ago Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat javaapache
CVE-2024-54677 low 2.5 2y ago Apache Tomcat Uncontrolled Resource Consumption vulnerability susedebianjava
CVE-2011-2204 low 1.9 15y ago Insertion of Sensitive Information into Log File in Apache Tomcat javaapache
CVE-2010-3718 low 1.2 16y ago Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat javaapache
CVE-2026-34487 unknown 2mo ago Apache Tomcat vulnerable to Insertion of Sensitive Information into Log File susedebianjavagcp
CVE-2026-34483 unknown 2mo ago Apache Tomcat has an Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve susedebianjava
CVE-2026-25854 unknown 2mo ago Apache Tomcat has an Open Redirect vulnerability susedebianjava
CVE-2026-29146 unknown 2mo ago Apache Tomcat: Padding Oracle vulnerability in EncryptInterceptor susedebianjavagcp
CVE-2026-32990 unknown 2mo ago Apache Tomcat has an Improper Input Validation vulnerability debianjava
CVE-2025-66614 unknown 3mo ago Apache Tomcat - Client certificate verification bypass susedebianjava
CVE-2026-24733 unknown 3mo ago Apache Tomcat - Security constraint bypass with HTTP/0.9 susedebianjava
CVE-2025-49124 unknown 1y ago Apache Tomcat installer for Windows has an untrusted search path vulnerability susedebianjava
CVE-2021-43980 unknown 4y ago Apache Tomcat Race Condition vulnerability susedebianjava
CVE-2022-34305 unknown 4y ago Cross-site Scripting in Apache Tomcat susedebianjava
CVE-2012-5887 unknown 4y ago Improper Authentication in Apache Tomcat java
CVE-2008-5515 unknown 4y ago Directory Traversal in Apache Tomcat java
CVE-2016-8747 unknown 4y ago Apache Tomcat allows remote attackers to read data that was intended to be associated with a different request susejava
CVE-2017-15706 unknown 4y ago Inconsistent documentation in Apache Tomcat susedebianjava
CVE-2022-29885 unknown 4y ago Apache Tomcat EncryptInterceptor error leads to Uncontrolled Resource Consumption susedebianjava
CVE-2009-0783 unknown 4y ago Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat java
CVE-2009-0781 unknown 4y ago Cross-site scripting in Apache Tomcat java
CVE-2009-0580 unknown 4y ago Exposure of Sensitive Information in Apache Tomcat java
CVE-2009-0033 unknown 4y ago Apache Tomcat Denial of Service via Malformed Request Headers java
CVE-2008-4308 unknown 4y ago Apache Tomcat information disclosure vulnerability java
CVE-2008-2938 unknown 4y ago Apache Tomcat Directory Traversal vulnerability java
CVE-2008-2370 unknown 4y ago Apache Tomcat Path Traversal Vulnerability java
CVE-2008-1947 unknown 4y ago Apache Tomcat Cross-site scripting (XSS) vulnerability java
CVE-2008-1232 unknown 4y ago Apache Tomcat Cross-site scripting (XSS) vulnerability java
CVE-2008-0002 unknown 4y ago Apache Tomcat Sensitive Information Disclosure java
CVE-2007-6286 unknown 4y ago Apache Tomcat Does Not Properly Handle Empty Requests java
CVE-2007-5461 unknown 4y ago Apache Tomcat Path Traversal Vulnerability java
CVE-2007-5333 unknown 4y ago Exposure of Sensitive Information in Apache Tomcat java
CVE-2007-4724 unknown 4y ago Apache Tomcat Example Application CSRF and XSS Vulnerabilities java
CVE-2007-3384 unknown 4y ago Apache Tomcat's CookieExample Vulnerable to XSS java
CVE-2007-3383 unknown 4y ago Apache Tomcat SendMailServlet XSS java
CVE-2007-3385 unknown 4y ago Apache Tomcat Mishandles Character Sequence in Cookies java
CVE-2007-3382 unknown 4y ago Apache Tomcat treats single quotes as delimiters in cookies java
CVE-2007-2449 unknown 4y ago Apache Tomcat XSS Vulnerabilities in Examples Web Application java
CVE-2007-2450 unknown 4y ago Apache Tomcat vulnerable to Cross-site Scripting java
CVE-2007-1358 unknown 4y ago Apache Tomcat XSS In Accept-Language Headers java
CVE-2007-0450 unknown 4y ago Apache Tomcat Directory Traversal java
CVE-2006-7195 unknown 4y ago Apache Tomcat XSS Vulnerability java
CVE-2006-7197 unknown 4y ago Apache Tomcat Buffer Over-Read java
CVE-2006-7196 unknown 4y ago Cross-site scripting in Apache Tomcat java
CVE-2006-3835 unknown 4y ago Apache Tomcat Reveals Directories java
CVE-2005-4836 unknown 4y ago Apache Tomcat allows remote attackers to read JSP source files java
CVE-2005-4703 unknown 4y ago Apache Tomcat Discloses MS-DOS Pathname java
CVE-2005-3510 unknown 4y ago Apache Tomcat Vulnerable to Denial of Service (DoS) via Simultaneous Requests java
CVE-2005-3164 unknown 4y ago Apache Tomcat AJP Connector Information Leak java
CVE-2005-2090 unknown 4y ago Tomcat Vulnerable to Web Cache Poisoning java
CVE-2002-2272 unknown 4y ago Apache Tomcat DoS via Malicious Get Request java
CVE-2002-2008 unknown 4y ago Apache Tomcat Leaks Information via Error Message java
CVE-2002-2009 unknown 4y ago Apache Tomcat Leaks Pathname Information via Error Message java
CVE-2002-2006 unknown 4y ago Apache Tomcat Default Installation Reveals Sensitive Information java
CVE-2002-1567 unknown 4y ago Apache Tomcat XSS Vulnerability java
CVE-2002-1394 unknown 4y ago Apache Tomcat Source Code Disclosure java
CVE-2002-1148 unknown 4y ago Apache Tomcat Source Code Disclosure java
CVE-2002-0935 unknown 4y ago Apache Tomcat DoS Via Requests Including Null Characters java
CVE-2002-0493 unknown 4y ago Apache Tomcat may be started without proper security settings java
CVE-2001-0917 unknown 4y ago Apache Tomcat Reveals Path through Long URL java
CVE-2001-0829 unknown 4y ago Apache Tomcat allows webmasters to insert xss into error messages java
CVE-2000-1210 unknown 4y ago Apache Tomcat Directory Traversal java
CVE-2000-0759 unknown 4y ago Jakarta Apache Tomcat Reveals Physical Paths java
CVE-2003-0866 unknown 4y ago Apache Tomcat Denial of Service vulnerability in the Catalina package java
CVE-2003-0043 unknown 4y ago Tomcat uses trusted privileges when processing web.xml file java
CVE-2003-0044 unknown 4y ago Jakarta Tomcat cross-site scripting (XSS) vulnerability java
CVE-2003-0045 unknown 4y ago Jakarta Tomcat Denial of Service vulnerability java
CVE-2003-0042 unknown 4y ago Jakarta Tomcat Directory Listing vulnerability java
CVE-2020-8022 unknown 4y ago Incorrect Default Permissions in Apache Tomcat susejava
CVE-2022-23181 unknown 4y ago Race condition in Apache Tomcat susedebianjava
CVE-2021-41079 unknown 5y ago Infinite loop in Tomcat due to parsing error susedebianjava
CVE-2021-30640 unknown 5y ago Authentication Bypass by Alternate Name in Apache Tomcat susedebianjava
CVE-2021-33037 unknown 5y ago HTTP Request Smuggling in Apache Tomcat susedebianjava
CVE-2021-30639 unknown 5y ago Improper Handling of Exceptional Conditions in Apache Tomcat debianjava
CVE-2019-17569 unknown 6y ago Potential HTTP request smuggling in Apache Tomcat debianjava