Lucene search

K
ApacheTomcat

231 matches found

CVE
CVE
added 2023/03/22 11:15 a.m.401 views

CVE-2023-28708

When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11.0.0-M1 to 11.0.0.-M2, 10.1.0-M1 to 10.1.5, 9.0.0-M1 to 9.0.71 and 8.5.0 to 8.5.85 did not include the secure attribu...

4.3CVSS7.1AI score0.00162EPSS
CVE
CVE
added 2023/10/10 6:15 p.m.398 views

CVE-2023-42795

Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.80 and from 8.5.0 through 8.5.93, an error couldcause Tomcat to skip some parts of the recycling pr...

5.3CVSS7.6AI score0.0051EPSS
CVE
CVE
added 2022/01/27 1:15 p.m.396 views

CVE-2022-23181

The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is usin...

7CVSS7.2AI score0.93247EPSS
CVE
CVE
added 2024/11/18 12:15 p.m.396 views

CVE-2024-52316

Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indicate failure, the au...

9.8CVSS8.4AI score0.00989EPSS
CVE
CVE
added 2025/04/28 8:15 p.m.393 views

CVE-2025-31651

Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite rule configurations, it was possiblefor a specially crafted request to bypass some rewrite rules. If thoserewrite rules effectively enforced security constraints, thosecons...

9.8CVSS7.3AI score0.00051EPSS
CVE
CVE
added 2025/05/29 7:15 p.m.387 views

CVE-2025-46701

Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.6, from 10.1.0-M1 throu...

7.3CVSS7.7AI score0.0003EPSS
CVE
CVE
added 2023/10/10 7:15 p.m.384 views

CVE-2023-45648

Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A speciallycrafted, invalid trailer header could cause Tomcat t...

5.3CVSS7.6AI score0.0054EPSS
CVE
CVE
added 2016/07/04 10:59 p.m.380 views

CVE-2016-3092

The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.

7.8CVSS7.5AI score0.40246EPSS
CVE
CVE
added 2022/05/12 8:15 a.m.366 views

CVE-2022-29885

The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confid...

7.5CVSS7.5AI score0.6581EPSS
CVE
CVE
added 2018/02/28 8:29 p.m.362 views

CVE-2018-1304

The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It ...

5.9CVSS6.7AI score0.02075EPSS
CVE
CVE
added 2017/04/17 4:59 p.m.346 views

CVE-2017-5647

A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in the pipelined request being lost when send file processing of the previous request completed. This ...

7.5CVSS8.3AI score0.03077EPSS
CVE
CVE
added 2022/09/28 2:15 p.m.346 views

CVE-2021-43980

The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long standing (but extremely hard to trigger) concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 tha...

3.7CVSS5.6AI score0.00162EPSS
CVE
CVE
added 2017/04/17 4:59 p.m.343 views

CVE-2017-5648

While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the appropriate facade object. When running an untrusted application under a SecurityManager, it was t...

9.1CVSS9.1AI score0.06455EPSS
In wild
CVE
CVE
added 2023/01/03 7:15 p.m.343 views

CVE-2022-45143

The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipul...

7.5CVSS7.5AI score0.00875EPSS
CVE
CVE
added 2017/08/10 10:29 p.m.336 views

CVE-2016-8745

A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn mea...

7.5CVSS7.5AI score0.1738EPSS
CVE
CVE
added 2007/03/16 10:19 p.m.335 views

CVE-2007-0450

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "" (ba...

5CVSS6.2AI score0.85693EPSS
CVE
CVE
added 2018/02/23 11:29 p.m.331 views

CVE-2018-1305

Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that po...

6.5CVSS6.3AI score0.17655EPSS
CVE
CVE
added 2021/09/16 3:15 p.m.325 views

CVE-2021-41079

Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.

7.5CVSS7.5AI score0.00037EPSS
CVE
CVE
added 2024/11/07 8:15 a.m.323 views

CVE-2024-38286

Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. The following versions were EOL at the time the CVE was created but areknown to be af...

8.6CVSS8.7AI score0.01356EPSS
CVE
CVE
added 2016/10/13 2:59 p.m.322 views

CVE-2016-6325

The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging membership in the tomcat group.

7.8CVSS8AI score0.00095EPSS
CVE
CVE
added 2017/06/06 2:29 p.m.322 views

CVE-2017-5664

The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the original...

7.5CVSS7.5AI score0.17291EPSS
CVE
CVE
added 2017/08/11 2:29 a.m.319 views

CVE-2017-7674

The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances.

4.3CVSS5.8AI score0.04091EPSS
CVE
CVE
added 2017/03/20 6:59 p.m.305 views

CVE-2016-6816

The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a diffe...

7.1CVSS7.9AI score0.02781EPSS
Web
CVE
CVE
added 2017/09/19 1:29 p.m.305 views

CVE-2017-12616

When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request.

7.5CVSS5.8AI score0.91499EPSS
In wild
CVE
CVE
added 2018/08/02 2:29 p.m.301 views

CVE-2018-8037

If an async request was completed by the application at the same time as the container triggered the async timeout, a race condition existed that could result in a user seeing a response intended for a different user. An additional issue was present in the NIO and NIO2 connectors that did not corre...

5.9CVSS6.3AI score0.04601EPSS
CVE
CVE
added 2016/10/13 2:59 p.m.281 views

CVE-2016-5425

The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group.

7.8CVSS7.5AI score0.14472EPSS
Web
CVE
CVE
added 2023/10/10 6:15 p.m.278 views

CVE-2023-42794

Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased,in progress refactoring that exposed a potential denial of service onWindows if a web application opened a st...

5.9CVSS6.1AI score0.00239EPSS
CVE
CVE
added 2007/10/18 10:0 a.m.263 views

CVE-2002-2272

Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.

7.8CVSS6.7AI score0.20744EPSS
CVE
CVE
added 2016/07/19 2:0 a.m.262 views

CVE-2016-5388

Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an a...

8.1CVSS6.8AI score0.69064EPSS
CVE
CVE
added 2016/02/25 1:59 a.m.261 views

CVE-2016-0714

The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary code in a privileged ...

8.8CVSS8.1AI score0.0787EPSS
CVE
CVE
added 2017/08/10 4:29 p.m.259 views

CVE-2016-5018

In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications.

9.1CVSS8.3AI score0.00907EPSS
CVE
CVE
added 2016/02/25 1:59 a.m.254 views

CVE-2015-5346

Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a reques...

8.1CVSS8.1AI score0.39277EPSS
CVE
CVE
added 2024/01/19 11:15 a.m.253 views

CVE-2024-21733

Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43. Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.

5.3CVSS6AI score0.67586EPSS
Web
CVE
CVE
added 2023/06/21 11:15 a.m.234 views

CVE-2023-34981

A regression in the fix for bug 66512 in Apache Tomcat 11.0.0-M5, 10.1.8, 9.0.74 and 8.5.88 meant that, if a response did not include any HTTP headers no AJP SEND_HEADERS messare woudl be sent for the response which in turn meant that at least one AJP proxy (mod_proxy_ajp) would use the response he...

7.5CVSS7.4AI score0.00231EPSS
CVE
CVE
added 2015/06/07 11:59 p.m.225 views

CVE-2014-0230

Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted uploa...

7.8CVSS5.5AI score0.06203EPSS
CVE
CVE
added 2005/07/05 4:0 a.m.214 views

CVE-2005-2090

Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat...

4.3CVSS3.6AI score0.8199EPSS
CVE
CVE
added 2025/06/16 3:15 p.m.211 views

CVE-2025-49125

Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat. When using PreResources or PostResources mounted other than at the root of the web application, it was possible to access those resources via an unexpected path. That path was likely not to be protected by the ...

7.5CVSS7.6AI score0.0007EPSS
CVE
CVE
added 2025/06/16 3:15 p.m.209 views

CVE-2025-48988

Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105.The following versions were EOL at the time the CVE was created but areknown to be affe...

7.5CVSS7.5AI score0.00072EPSS
CVE
CVE
added 2007/05/10 12:19 a.m.205 views

CVE-2007-1858

The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts.

2.6CVSS5.9AI score0.06282EPSS
CVE
CVE
added 2021/07/12 3:15 p.m.202 views

CVE-2021-30639

A vulnerability in Apache Tomcat allows an attacker to remotely trigger a denial of service. An error introduced as part of a change to improve error handling during non-blocking I/O meant that the error flag associated with the Request object was not reset between requests. This meant that once a ...

7.5CVSS7.4AI score0.00343EPSS
CVE
CVE
added 2016/02/25 1:59 a.m.201 views

CVE-2015-5174

Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web appl...

4.3CVSS6.2AI score0.00903EPSS
CVE
CVE
added 2017/08/10 10:29 p.m.195 views

CVE-2016-6797

The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. Therefore, it was possibl...

7.5CVSS8.4AI score0.00399EPSS
CVE
CVE
added 2024/11/18 12:15 p.m.193 views

CVE-2024-52317

Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the request and response used by HTTP/2 requestscould lead to request and/or response mix-up between users. This issue affects Apache Tomcat: from 11.0.0-M23 through 11.0.0-M26, from 10.1.27 through 10.1.3...

6.5CVSS6.4AI score0.06945EPSS
CVE
CVE
added 2015/06/07 11:59 p.m.191 views

CVE-2014-7810

The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanis...

5CVSS6.4AI score0.08418EPSS
CVE
CVE
added 2013/06/01 2:21 p.m.188 views

CVE-2012-3544

Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.

5CVSS8.9AI score0.44479EPSS
CVE
CVE
added 2016/02/25 1:59 a.m.185 views

CVE-2015-5345

The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing / (...

5.3CVSS6.8AI score0.32367EPSS
CVE
CVE
added 2007/10/15 6:17 p.m.184 views

CVE-2007-5461

Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.

3.5CVSS5.7AI score0.07173EPSS
CVE
CVE
added 2017/08/10 4:29 p.m.183 views

CVE-2016-0762

The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note th...

5.9CVSS7.3AI score0.00919EPSS
CVE
CVE
added 2024/11/18 1:15 p.m.183 views

CVE-2024-52318

Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue.

6.1CVSS6.2AI score0.03657EPSS
CVE
CVE
added 2014/05/31 11:17 a.m.182 views

CVE-2014-0075

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunke...

5CVSS7.7AI score0.80198EPSS
Total number of security vulnerabilities231