Package impact

Maven / org.apache.tomcat:tomcat-catalina

critical high medium low unknown

0

KEV Has exploit

CVE	Severity	CVSS	Risk	Published	Description	Impact
CVE-2025-24813	medium	—	7.0	1y ago	Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT	+1
CVE-2024-50379	medium	—	5.5	11mo ago	Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability	+1
CVE-2023-28708	medium	—	5.5	3y ago	Apache Tomcat vulnerable to Unprotected Transport of Credentials
CVE-2025-61795	medium	5.3	5.3	7mo ago	Apache Tomcat Vulnerable to Improper Resource Shutdown or Release
CVE-2012-5886	medium	—	5.0	14y ago	Improper Authentication in Apache Tomcat
CVE-2014-0119	medium	—	4.3	12y ago	Missing XML Validation in Apache Tomcat
CVE-2014-0096	medium	—	4.3	12y ago	Improper Input Validation in Apache Tomcat
CVE-2026-43514	low	3.7	3.7	16d ago	Apache Tomcat - AJP secret compared in non-constant time
CVE-2024-54677	low	—	2.5	2y ago	Apache Tomcat Uncontrolled Resource Consumption vulnerability
CVE-2017-12617	unknown	—	1.5	4y ago	Unrestricted Upload of File with Dangerous Type Apache Tomcat
CVE-2016-8735	unknown	—	1.5	4y ago	Apache Tomcat Improper Access Control vulnerability
CVE-2026-34487	unknown	—	—	2mo ago	Apache Tomcat vulnerable to Insertion of Sensitive Information into Log File
CVE-2026-34483	unknown	—	—	2mo ago	Apache Tomcat has an Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve
CVE-2026-25854	unknown	—	—	2mo ago	Apache Tomcat has an Open Redirect vulnerability
CVE-2025-66614	unknown	—	—	3mo ago	Apache Tomcat - Client certificate verification bypass
CVE-2026-24733	unknown	—	—	3mo ago	Apache Tomcat - Security constraint bypass with HTTP/0.9
CVE-2025-49124	unknown	—	—	1y ago	Apache Tomcat installer for Windows has an untrusted search path vulnerability
CVE-2024-52316	unknown	—	—	2y ago	Apache Tomcat - Authentication Bypass
CVE-2022-45143	unknown	—	—	3y ago	Apache Tomcat improperly escapes input from JsonErrorReportValve