261 matches found
CVE-2012-3546
CVE-2012-3546 affects Apache Tomcat 6.x (before 6.0.36) and 7.x (before 7.0.30). The flaw, in RealmBase/FormAuthenticator when FORM authentication is used, lets remote attackers bypass security-constraint checks by leveraging a prior setUserPrincipal() and appending /j_security_check to the URL. ...
CVE-2009-2901
The CVE-2009-2901 entry describes an authentication bypass in Apache Tomcat when the autodeployment (autoDeploy) feature is enabled. Affected versions are Tomcat 5.5.0–5.5.28 and 6.0.0–6.0.20, where appBase files left from a failed undeploy can be deployed and used to bypass intended authenticati...
CVE-2010-2227
CVE-2010-2227 : Apache Tomcat versions 5.5.0–5.5.29, 6.0.0–6.0.27, and 7.0.0 beta are affected by improper handling of an invalid Transfer-Encoding header, which can cause a denial of service (outage) or information leakage via a crafted header that interferes with recycling of a buffer. The conn...
CVE-2010-4172
CVE-2010-4172 affects Apache Tomcat 6.0.12–6.0.29 and 7.0.0–7.0.4, with multiple XSS vulnerabilities in the Tomcat Manager app (sessionsList.jsp via orderBy/sort, and input to sessionDetail.jsp or JspHelper.java) exploitable by remote attackers, related to untrusted web applications. The connecte...
CVE-2017-5650
CVE-2017-5650 affects Apache Tomcat 9.0.0.M1–M18 and 8.5.0–8.5.12. The HTTP/2 GOAWAY handling could fail to close streams waiting for a WINDOW_UPDATE, causing those streams to consume threads and enabling a malicious client to exhaust processing threads (DoS). There is no exploitation status in t...
CVE-2025-49124
CVE-2025-49124 : Untrusted Search Path in Apache Tomcat Windows installer. Tomcat’s Windows installer runs icacls.exe without a full path. Affected: Tomcat 11.0.0-M1–11.0.7, 10.1.0–10.1.41, 9.0.23–9.0.105 (plus some EOL versions). Mitigation: upgrade to 11.0.8, 10.1.42 or 9.0.106. CVSSv3.1 base s...
CVE-2026-29145
CVE-2026-29145 describes an authentication bypass in Apache Tomcat mutual TLS (CLIENT_CERT) when OCSP soft-fail is disabled. Affected are Tomcat 11.0.0-M1–11.0.18, 10.1.0-M7–10.1.52, and 9.0.83–9.0.115, plus Tomcat Native 1.1.23–1.1.34, 1.2.0–1.2.39, 1.3.0–1.3.6, and 2.0.0–2.0.13. With OCSP failu...
CVE-2006-7196
Cross-site scripting (XSS) vulnerability in the calendar example (cal2.jsp) of Apache Tomcat affects 4.0.0–4.0.6, 4.1.0–4.1.31, 5.0.0–5.0.30, and 5.5.0–5.5.15. An attacker can inject arbitrary script via the time parameter to cal2.jsp (and possibly other vectors). This enables script execution in...
CVE-2008-1947
CVE-2008-1947 is an XSS vulnerability in Apache Tomcat, affecting 5.5.9–5.5.26 and 6.0.0–6.0.16. It allows remote attackers to inject arbitrary web script or HTML via the name parameter (the hostname attribute) to host-manager/html/add. The connected documents confirm the affected product/version...
CVE-2011-2204
CVE-2011-2204 affects Apache Tomcat when MemoryUserDatabase logs password data on JMX user creation errors. Affected: Tomcat 5.5.x < 5.5.34, 6.x < 6.0.33, 7.x
CVE-2026-24734
CVE-2026-24734 is an Improper Input Validation vulnerability affecting Apache Tomcat Native and Apache Tomcat itself. When using an OCSP responder, Tomcat Native (and the Tomcat Native FFM port) may not perform verification or freshness checks on OCSP responses, potentially allowing certificate r...
CVE-2007-1358
CVE-2007-1358 is an XSS vulnerability affecting Apache Tomcat 4.x. It allows remote attackers to inject arbitrary script or HTML via crafted Accept-Language headers that do not conform to RFC 2616. Affected product ranges include Tomcat 4.0.0–4.0.6 and 4.1.0–4.1.34. The issue is triggered by impr...
CVE-2013-4444
CVE-2013-4444 is an Unrestricted file upload vulnerability in Apache Tomcat 7.x, prior to 7.0.40, where outdated java.io.File handling and a custom JMX config allow remote attackers to upload and access a JSP file, enabling arbitrary code execution on the vulnerable Tomcat instance. Public detail...
CVE-2011-0013
CVE-2011-0013 describes XSS in the HTML Manager Interface of Apache Tomcat: affected are Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the display-name tag. Mitigation is upgrading to the fix...
CVE-2014-0033
CVE-2014-0033 affects Apache Tomcat 6.0.33–6.0.37, where the disableURLRewriting setting is not honored when a session ID is in a URL. This could allow remote attackers to hijack a valid user’s session via a crafted link. The vulnerability is documented in IBM advisories and the GHSA entry, which...
CVE-2008-0128
Apache Tomcat 5.x before 5.5.21 is affected by CVE-2008-0128: when the SingleSignOn valve is used over HTTPS, the JSESSIONIDSSO cookie is not marked secure, allowing it to be sent over HTTP and potentially captured by an attacker via a crafted HTTP request. This information is supported by multip...
CVE-2009-2902
CVE-2009-2902 is a directory traversal vulnerability in Apache Tomcat, affecting 5.5.0–5.5.28 and 6.0.0–6.0.20. The issue allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename (e.g., a crafted entry like ../../... in a WAR). The connected Nessu...
CVE-2026-53434
CVE-2026-53434 affects Apache Tomcat when CRLs are configured for a FFM-based connector. The root cause is a failure to detect an error condition without action, potentially bypassing security checks. Affected versions include Tomcat 11.0.0-M1 through 11.0.22, 10.1.0-M7 through 10.1.55, and 9.0.8...
CVE-2007-3382
The CVE-2007-3382 issue affects multiple Apache Tomcat releases (Tomcat 6.0.0–6.0.13, 5.5.0–5.5.24, 5.0.0–5.0.30, 4.1.0–4.1.36, 3.3–3.3.2). The root cause is that Tomcat treats the single quote (') as a delimiter in cookies, which can lead to leakage of sensitive data such as session IDs and enab...
CVE-2026-43512
CVE-2026-43512 describes an authentication bypass in the Digest authenticator of Apache Tomcat. Affected are Tomcat 11.0.0-M1 to 11.0.21, 10.1.0-M1 to 10.1.54, 9.0.0.M1 to 9.0.117, 8.5.0 to 8.5.100, and older/pre-7.0.0 versions. The issue is fixed in Tomcat 11.0.22, 10.1.55, and 9.0.118. Multiple...
CVE-2007-3386
CVE-2007-3386 is a cross-site scripting (XSS) vulnerability in the Host Manager Servlet of Apache Tomcat, affected in Tomcat 6.0.0–6.0.13 and 5.5.0–5.5.24. An attacker can inject arbitrary HTML/script by sending crafted requests, demonstrated via the aliases parameter to an html/add action. Conne...
CVE-2008-5519
The CVE refers to the mod_jk (JK Connector) for Apache Tomcat, affected in the 1.2.0–1.2.26 range. The root cause is an error in handling certain HTTP requests, enabling an attacker to obtain sensitive information via Content-Length-related scenarios (e.g., a request with Content-Length but no PO...
CVE-2007-2450
CVE-2007-2450 refers to multiple cross-site scripting (XSS) vulnerabilities in the Manager and Host Manager web applications of Apache Tomcat. The description in the initial document states that remote authenticated users can inject arbitrary web script or HTML via a parameter name to /manager/ht...
CVE-2012-5885
Affected software: Apache Tomcat (5.5.x up to 5.5.36, 6.x up to 6.0.36, 7.x up to 7.0.30) using the HTTP Digest Access Authentication replay-countermeasure. Root cause: replay-countermeasure tracks cnonce values instead of server nonce and nonce-count, enabling bypass of access restrictions when ...
CVE-2007-5342
CVE-2007-5342 affects Apache Tomcat versions 5.5.9–5.5.25 and 6.0.0–6.0.15 where the default catalina.policy for the JULI logging component fails to restrict permissions for web applications. The underlying issue is that untrusted web apps can modify logging configuration options and overwrite a...
CVE-2012-4534
The CVE-2012-4534 issue affects Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28. When using the NIO connector with sendfile over HTTPS, the NioEndpoint can enter an infinite loop if the client terminates the connection while reading a response, causing a denial of service. The root cause is...
CVE-2007-1355
CVE-2007-1355 corresponds to multiple cross-site scripting (XSS) vulnerabilities in the Tomcat sample web app (appdev/sample/web/hello.jsp). Affected are Tomcat versions 4.0.0–4.0.6, 4.1.0–4.1.36, 5.0.0–5.0.30, 5.5.0–5.5.23, and 6.0.0–6.0.10. The issue allows remote attackers to inject arbitrary ...
CVE-2011-0534
CVE-2011-0534 affects Apache Tomcat 7.0.0–7.0.6 and 6.0.0–6.0.30. The issue arises because maxHttpHeaderSize is not enforced for NIO HTTP connector requests, enabling remote attackers to cause a denial of service (OutOfMemoryError) via a crafted request. Affected products are Tomcat 7/6 family as...
CVE-2009-2696
Apache Tomcat contains a cross-site scripting (XSS) vulnerability in the calendar example (jsp/cal/cal2.jsp). A remote attacker can inject script via the time parameter due to improper validation of user input (related to invalid HTML). The issue is documented in a GitHub advisory (GHSA-J788-FX57...
CVE-2011-2526
CVE-2011-2526 affects Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19. When sendfile is enabled for the HTTP APR or HTTP NIO connector, Tomcat may not validate certain request attributes, allowing a local attacker to bypass file access restrictions or trigger a denial ...
CVE-2011-5064
The vulnerability CVE-2011-5064 affects Apache Tomcat’s HTTP Digest Access Authentication (DigestAuthenticator.java) where Catalina is used as the hard-coded server secret (private key). Affected are Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12. This weakness enables remot...
CVE-2012-5886
CVE-2012-5886 (Apache Tomcat) is an authentication bypass issue in the Digest Access Authentication implementation. It occurs because the HTTP Digest Auth stores information about the authenticated user in the session state, enabling remote attackers to bypass authentication by exploiting session...
CVE-2025-61795
CVE-2025-61795 is an Apache Tomcat DoS due to improper resource shutdown: when processing multipart uploads, temporary parts on disk may not be cleaned promptly, allowing resource exhaustion. Affects Tomcat 11.x (11.0.0-M1–11.0.11), 10.x (10.1.0-M1–10.1.46), and 9.x (9.0.0.M1–9.0.109); EOL 8.5.x ...
CVE-2011-5063
CVE-2011-5063 describes an issue in Apache Tomcat’s HTTP Digest Access Authentication where the realm values are not checked, enabling bypass of access controls by exploiting a protection space with weaker requirements (distinct from CVE-2011-1184). Related documents (CVE-2011-1184, CVE-2012-5885...
CVE-2006-7195
CVE-2006-7195 is an XSS vulnerability in Apache Tomcat’s implicit-objects.jsp. The initial description states it affects Tomcat 5.0.0–5.0.30 and 5.5.0–5.5.17, allowing remote attackers to inject arbitrary scripts/HTML via certain HTTP header values. The connected documents confirm a Tomcat XSS is...
CVE-2005-4838
CVE-2005-4838 corresponds to cross-site scripting vulnerabilities in Apache Tomcat 5.5.6 and earlier, manifested in the JSP2 example pages (el/functions.jsp, el/implicit-objects.jsp, jspx/textRotate.jspx under examples/jsp2/), exploitable via a crafted request to snp/snoop.jsp. The issue is trigg...
CVE-2026-50229
CVE-2026-50229 describes an XSS flaw in the Apache Tomcat “number guess” example. Affected versions include Tomcat 11.0.0-M1–11.0.22, 10.1.0-M1–10.1.55, 9.0.0.M1–9.0.118, 8.5.0–8.5.100, and 7.0.0–7.0.109. The root cause is improper neutralization of script-related HTML tags in that example web pa...
CVE-2008-0002
CVE-2008-0002 affects Apache Tomcat 6.0.0–6.0.15 and relates to parameter processing during an exception. The issue may disclose sensitive information when parameters are processed in the context of the wrong request, demonstrated by disconnecting during processing to trigger the exception. This ...
CVE-2011-5062
CVE-2011-5062 affects Apache Tomcat’s HTTP Digest Access Authentication. The vulnerability arises because Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 do not check qop values, enabling remote attackers to bypass intended integrity protections via a qop=auth value. This is ...
CVE-2026-55957
CVE-2026-55957 describes an authentication bypass in Apache Tomcat when JNDIRealm is configured to authenticate binds using GSSAPI, allowing attackers to authenticate without the correct password. Affected releases include Tomcat 11.0.0-M1–11.0.4, 10.1.0-M1–10.1.36, 9.0.0.M1–9.0.100, 8.5.0–8.5.10...
CVE-2026-41293
Summary: CVE-2026-41293 is an Apache Tomcat vulnerability described as an Improper Input Validation issue. The connected sources confirm impact across multiple Tomcat branches: 11.0.0-M1 to 11.0.21, 10.1.0-M1 to 10.1.54, 9.0.0.M1 to 9.0.117, and 10.0.0-M1 to 10.0.27. The CVSS 3.1 data indicates a...
CVE-2005-4836
CVE-2005-4836 affects Apache Tomcat 4.1.15–4.1.40. The HTTP/1.1 connector may fail to reject NULL bytes in a URL when allowLinking is enabled, enabling a remote attacker to read JSP source files and obtain sensitive information. Multiple connected sources corroborate the same description and clas...
CVE-2011-1088
CVE-2011-1088 affects Apache Tomcat 7.x prior to 7.0.10 (and related entries reference 7.0.11 in follow‑ups). The issue: Tomcat does not follow ServletSecurity annotations when a web.xml has no security constraints, allowing remote attackers to bypass the intended access restrictions via HTTP req...
CVE-2011-2729
CVE-2011-2729 affects the Jakarta Commons Daemon jsvc component in Tomcat runtimes (Tomcat 5.5.32–5.5.33, 6.0.30–6.0.32, and 7.0.x before 7.0.20) where jsvc did not properly drop capabilities. This allows a remote attacker to bypass read permissions for files via an application request. The root ...
CVE-2012-2733
CVE-2012-2733 involves Apache Tomcat’s HTTP NIO connector (java/org/apache/coyote/http11/InternalNioInputBuffer.java). The flaw does not properly restrict the request-header size in Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, allowing remote attackers to trigger memory consumption and cause a...
CVE-2016-9774
The CVE-2016-9774 issue affects the postinst scripts of tomcat6, tomcat7, and tomcat8 across multiple Debian/Ubuntu releases (e.g., Debian wheezy, Ubuntu 12.04/14.04, Debian jessie, Ubuntu 16.04/16.10, and Ubuntu 17.04). The root cause is a symlink attack on the Catalina localhost directory durin...
CVE-2025-66614
CVE-2025-66614 is an improper input validation issue in Apache Tomcat. The vulnerability affects Tomcat versions 11.0.0-M1 through 11.0.14, 10.1.0-M1 through 10.1.49, and 9.0.0-M1 through 9.0.112, with older EOL versions (8.5.0–8.5.100) also listed as affected. The root cause is failure to verify...
CVE-2026-43515
The CVE-2026-43515 issue is an Improper Authorization flaw in Apache Tomcat caused by multiple method constraints defining the HTTP method for the same extension. Affected versions include Tomcat 11.0.0-M1–11.0.21, 10.1.0-M1–10.1.54, 9.0.0.M1–9.0.117, 8.5.0–8.5.100, and 7.0.0–7.0.109. Mitigation ...
CVE-2011-1183
CVE-2011-1183 affects Apache Tomcat 7.0.11 and related 7.x releases where, if web.xml has no login configuration, security constraints are not followed. This allows remote attackers to bypass intended access restrictions via HTTP requests to a web application. The issue is noted as a consequence ...
CVE-2026-55956
CVE-2026-55956 is an improper authorization vulnerability in Apache Tomcat. The issue causes the security constraints configured for the default servlet to ignore certain methods or method omissions, potentially bypassing intended access controls. Affected product ranges include Tomcat versions 1...