VIR Vulnerability Intelligence Relay

Package impact

java Maven / org.apache.tomcat:tomcat-catalina

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-43512 critical 9.8 9.8 16d ago Apache Tomcat - Digest authenticator will authenticate any unknown user susedebianjavaapache
CVE-2026-41293 critical 9.8 9.8 16d ago Apache Tomcat - HTTP/2 request headers not validated susedebianjavaapache
CVE-2025-55754 critical 9.6 9.6 10d ago Apache Tomcat Vulnerable to Improper Neutralization of Escape, Meta, or Control Sequences redhatsusedebianjava+1
CVE-2026-43515 critical 9.1 9.1 16d ago Apache Tomcat - Security constraints not correctly applied susedebianjavaapache
CVE-2017-5648 critical 9.1 9.1 9y ago Exposure of Resource to Wrong Sphere in Apache Tomcat susedebianjavaapache
CVE-2025-24813 medium 7.0 1y ago Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT redhatrockylinuxsusedebian+1
CVE-2024-50379 medium 5.5 11mo ago Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability redhatrockylinuxsusedebian+1
CVE-2023-28708 medium 5.5 3y ago Apache Tomcat vulnerable to Unprotected Transport of Credentials redhatsusedebianjava
CVE-2025-61795 medium 5.3 5.3 7mo ago Apache Tomcat Vulnerable to Improper Resource Shutdown or Release susedebianjavaapache
CVE-2012-5886 medium 5.0 14y ago Improper Authentication in Apache Tomcat javaapache
CVE-2014-0119 medium 4.3 12y ago Missing XML Validation in Apache Tomcat susejavaapache
CVE-2014-0096 medium 4.3 12y ago Improper Input Validation in Apache Tomcat javaapache