VYPR
Moderate severityNVD Advisory· Published May 20, 2011· Updated Jun 16, 2026

CVE-2011-1582

CVE-2011-1582

Description

Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a servlet without following security constraints that have been configured through annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1088, CVE-2011-1183, and CVE-2011-1419.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.apache.tomcat:tomcatMaven
>= 7.0.12, < 7.0.147.0.14

Affected products

3
  • Apache/Tomcat2 versions
    cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*
  • ghsa-coords
    Range: >= 7.0.12, < 7.0.14

Patches

Vulnerability mechanics

References

14

News mentions

0

No linked articles in our index yet.