VIR Vulnerability Intelligence Relay

Package impact

java Maven / org.apache.tomcat:tomcat-coyote

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2023-44487 high 7.5 9.0 3y ago Important: nodejs:20 security update rockylinuxredhatdebiansuse+11
CVE-2026-29129 high 8.0 2mo ago Apache Tomcat: Configured cipher preference order not preserved susedebianjava
CVE-2026-24880 high 8.0 2mo ago Apache Tomcat has an HTTP Request/Response Smuggling vulnerability susedebianjava
CVE-2025-53506 high 8.0 9mo ago Important: tomcat security update redhatrockylinuxsusedebian+1
CVE-2025-31650 high 8.0 11mo ago Apache Tomcat Denial of Service via invalid HTTP priority header archredhatrockylinuxsuse+2
CVE-2024-34750 high 8.0 2y ago Important: tomcat security update redhatrockylinuxsusedebian+1
CVE-2024-24549 high 8.0 2y ago Apache Tomcat Denial of Service due to improper input validation vulnerability for HTTP/2 requests redhatsuserockylinuxdebian+1
CVE-2020-13934 high 8.0 4y ago Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat archsusedebianjava
CVE-2019-0199 high 8.0 6y ago Apache Tomcat Denial of Service vulnerability susedebianjava
CVE-2025-48989 high 7.5 7.5 9mo ago Important: tomcat security update redhatrockylinuxsusedebian+2
CVE-2016-6816 high 7.1 7.1 9y ago The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could b… susedebianjavaapache
CVE-2023-42795 medium 5.5 2y ago Moderate: tomcat security update redhatsusedebianjava
CVE-2023-42794 medium 5.5 2y ago Moderate: tomcat security update redhatsusedebianjava
CVE-2023-28709 medium 5.5 3y ago Moderate: tomcat security and bug fix update redhatsusedebianjava
CVE-2023-24998 medium 5.5 3y ago Moderate: tomcat security and bug fix update redhatarchsusedebian+1
CVE-2020-17527 medium 5.5 4y ago While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream re… archsusedebianjava
CVE-2014-0095 medium 5.0 12y ago Denial of service in Apache Tomcat javaapache
CVE-2014-0075 medium 5.0 12y ago Integer Overflow or Wraparound in Apache Tomcat javaapache
CVE-2026-32990 unknown 2mo ago Apache Tomcat has an Improper Input Validation vulnerability debianjava