Package impact
Maven / org.apache.tomcat:tomcat-catalina
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-43512 | critical | 9.8 | 9.8 | 16d ago | Apache Tomcat - Digest authenticator will authenticate any unknown user | |
| CVE-2026-41293 | critical | 9.8 | 9.8 | 16d ago | Apache Tomcat - HTTP/2 request headers not validated | |
| CVE-2025-55754 | critical | 9.6 | 9.6 | 10d ago | Apache Tomcat Vulnerable to Improper Neutralization of Escape, Meta, or Control Sequences | |
| CVE-2026-43515 | critical | 9.1 | 9.1 | 16d ago | Apache Tomcat - Security constraints not correctly applied | |
| CVE-2017-5648 | critical | 9.1 | 9.1 | 9y ago | Exposure of Resource to Wrong Sphere in Apache Tomcat | |
| CVE-2025-49124 | unknown | — | — | 1y ago | Apache Tomcat installer for Windows has an untrusted search path vulnerability |