Maven package
org.apache.tomcat/tomcat
pkg:maven/org.apache.tomcat/tomcat
Vulnerabilities (148)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2006-7196 | — | >= 4.0.0, < 4.0.7 | 4.0.7 | May 10, 2007 | Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.js | ||
| CVE-2006-7195 | — | >= 5.0.0, <= 5.0.30 | — | May 10, 2007 | Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values. | ||
| CVE-2006-7197 | — | <= 5.5.15 | — | Apr 25, 2007 | The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote attackers to read portions of sensitive memory. | ||
| CVE-2007-0450 | — | >= 5.0, < 5.5.22 | 5.5.22 | Mar 16, 2007 | Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" | ||
| CVE-2006-3835 | — | >= 5.0.0, < 5.5.17 | 5.5.17 | Jul 25, 2006 | Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with a mapped extension, as demonstrated by URLs ending with /;index.jsp and /;help.do. | ||
| CVE-2005-4836 | — | >= 4.1.15, <= 4.1.40 | — | Dec 31, 2005 | The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which allows remote attackers to read JSP source files and obtain sensitive information. | ||
| CVE-2005-4703 | — | <= 4.0.3 | — | Dec 31, 2005 | Apache Tomcat 4.0.3, when running on Windows, allows remote attackers to obtain sensitive information via a request for a file that contains an MS-DOS device name such as lpt9, which leaks the pathname in an error message, as demonstrated by lpt9.xtp using Nikto. | ||
| CVE-2005-3510 | — | >= 5.5.0, < 5.5.12 | 5.5.12 | Nov 6, 2005 | Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files. | ||
| CVE-2005-3164 | — | >= 4.0.1, <= 4.0.6 | — | Oct 6, 2005 | The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an informat | ||
| CVE-2005-2090 | — | >= 5.0.0, <= 5.0.19 | — | Jul 5, 2005 | Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, | ||
| CVE-2003-0866 | — | >= 4.0, < 4.1.0 | 4.1.0 | Nov 17, 2003 | The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests. | ||
| CVE-2002-1567 | — | >= 4.1.0, < 4.1.29 | 4.1.29 | Oct 6, 2003 | Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arbitrary web script and steal cookies via a URL with encoded newlines followed by a request to a .jsp file whose name contains the script. | ||
| CVE-2003-0045 | — | < 3.3.1a | 3.3.1a | Feb 7, 2003 | Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp. | ||
| CVE-2003-0044 | — | >= 3.0, < 3.3.2 | 3.3.2 | Feb 7, 2003 | Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML. | ||
| CVE-2003-0043 | — | < 3.3.1a | 3.3.1a | Feb 7, 2003 | Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file. | ||
| CVE-2003-0042 | — | < 3.3.1a | 3.3.1a | Feb 7, 2003 | Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character. | ||
| CVE-2002-1394 | — | < 4.0.6 | 4.0.6 | Jan 17, 2003 | Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148. | ||
| CVE-2002-2272 | — | >= 4.0.0, <= 4.1.12 | — | Dec 31, 2002 | Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values. | ||
| CVE-2002-2009 | — | >= 4.0.0, <= 4.0.1 | — | Dec 31, 2002 | Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </, and (4) %20/, which leaks the pathname in an error message. | ||
| CVE-2002-2008 | — | < 4.1.3 | 4.1.3 | Dec 31, 2002 | Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does not exist, such as lpt9, which leaks the information in an error message. |
- CVE-2006-7196May 10, 2007affected >= 4.0.0, < 4.0.7fixed 4.0.7
Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.js
- CVE-2006-7195May 10, 2007affected >= 5.0.0, <= 5.0.30
Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values.
- CVE-2006-7197Apr 25, 2007affected <= 5.5.15
The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote attackers to read portions of sensitive memory.
- CVE-2007-0450Mar 16, 2007affected >= 5.0, < 5.5.22fixed 5.5.22
Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/"
- CVE-2006-3835Jul 25, 2006affected >= 5.0.0, < 5.5.17fixed 5.5.17
Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with a mapped extension, as demonstrated by URLs ending with /;index.jsp and /;help.do.
- CVE-2005-4836Dec 31, 2005affected >= 4.1.15, <= 4.1.40
The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which allows remote attackers to read JSP source files and obtain sensitive information.
- CVE-2005-4703Dec 31, 2005affected <= 4.0.3
Apache Tomcat 4.0.3, when running on Windows, allows remote attackers to obtain sensitive information via a request for a file that contains an MS-DOS device name such as lpt9, which leaks the pathname in an error message, as demonstrated by lpt9.xtp using Nikto.
- CVE-2005-3510Nov 6, 2005affected >= 5.5.0, < 5.5.12fixed 5.5.12
Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files.
- CVE-2005-3164Oct 6, 2005affected >= 4.0.1, <= 4.0.6
The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an informat
- CVE-2005-2090Jul 5, 2005affected >= 5.0.0, <= 5.0.19
Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header,
- CVE-2003-0866Nov 17, 2003affected >= 4.0, < 4.1.0fixed 4.1.0
The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.
- CVE-2002-1567Oct 6, 2003affected >= 4.1.0, < 4.1.29fixed 4.1.29
Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arbitrary web script and steal cookies via a URL with encoded newlines followed by a request to a .jsp file whose name contains the script.
- CVE-2003-0045Feb 7, 2003affected < 3.3.1afixed 3.3.1a
Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp.
- CVE-2003-0044Feb 7, 2003affected >= 3.0, < 3.3.2fixed 3.3.2
Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.
- CVE-2003-0043Feb 7, 2003affected < 3.3.1afixed 3.3.1a
Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file.
- CVE-2003-0042Feb 7, 2003affected < 3.3.1afixed 3.3.1a
Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
- CVE-2002-1394Jan 17, 2003affected < 4.0.6fixed 4.0.6
Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.
- CVE-2002-2272Dec 31, 2002affected >= 4.0.0, <= 4.1.12
Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.
- CVE-2002-2009Dec 31, 2002affected >= 4.0.0, <= 4.0.1
Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </, and (4) %20/, which leaks the pathname in an error message.
- CVE-2002-2008Dec 31, 2002affected < 4.1.3fixed 4.1.3
Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does not exist, such as lpt9, which leaks the information in an error message.
Page 7 of 8