CVE-2026-43512 critical 9.8
9.8
16d ago
Apache Tomcat - Digest authenticator will authenticate any unknown user
suse debian java apache
CVE-2026-41293 critical 9.8
9.8
16d ago
Apache Tomcat - HTTP/2 request headers not validated
suse debian java apache
CVE-2025-55754 critical 9.6
9.6
9d ago
Apache Tomcat Vulnerable to Improper Neutralization of Escape, Meta, or Control Sequences
redhat suse debian java +1
CVE-2026-43515 critical 9.1
9.1
16d ago
Apache Tomcat - Security constraints not correctly applied
suse debian java apache
CVE-2017-5648 critical 9.1
9.1
9y ago
While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use th…
suse debian java apache
CVE-2026-43514 low 3.7
3.7
16d ago
Apache Tomcat - AJP secret compared in non-constant time
suse debian java apache
CVE-2024-54677 low —
2.5
2y ago
Apache Tomcat Uncontrolled Resource Consumption vulnerability
suse debian java