261 matches found
CVE-2000-0672
The CVE-2000-0672 issue concerns the default configuration of Jakarta Tomcat which does not restrict access to the /admin context, enabling a remote attacker to read arbitrary files by invoking administrative servlets to add a context for the root directory. The vulnerability affects the admin co...
CVE-2005-3510
CVE-2005-3510 affects Apache Tomcat 5.5.0–5.5.11, allowing a DoS via a huge number of simultaneous directory-list requests, causing CPU exhaustion. The Red Hat advisory RHSA-2010:0602 notes remediation by upgrading the Tomcat component in Red Hat Certificate System to version 5.5.23. Other OSV en...
CVE-2011-2481
CVE-2011-2481 affects Apache Tomcat 7.0.x prior to 7.0.17. A crafted application loaded earlier than the target can replace the XML parser used by other web applications, allowing local users to read or modify (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications. This vuln...
CVE-2016-9775
The CVE-2016-9775 entry concerns the postrm script in the tomcat6, tomcat7, and tomcat8 packages across Debian/Ubuntu releases, where a misconfigured setgid program in the Catalina directory could allow local users with tomcat access to gain root privileges. Specifically, vulnerable versions incl...
CVE-2016-8747
The CVE-2016-8747 issue affects Apache Tomcat 8.5.7–8.5.9 and 9.0.0.M11–9.0.0.M15 in reverse-proxy configurations, where Http11InputBuffer.java can let a remote attacker read data belonging to a different request. The underlying problem is an information-disclosure vulnerability in the Tomcat rev...
CVE-2011-1475
CVE-2011-1475 affects Apache Tomcat 7.0.x prior to 7.0.12. The HTTP BIO connector mishandles HTTP pipelining, allowing remote attackers to read responses intended for other clients by examining HTTP packet data, due to a mix-up of responses for requests from different users. Impact is information...
CVE-2014-0095
CVE-2014-0095 affects Apache Tomcat 8.x, where AbstractAjpProcessor.java improperly handles a Content-Length: 0 AJP request, allowing remote attackers to trigger a denial of service by hanging request processing and consuming threads. Affected version range is Tomcat 8.x prior to 8.0.4. Mitigatio...
CVE-2026-53404
Apache Tomcat vulnerability CVE-2026-53404 describes an Always-Incorrect Control Flow in the RewriteValve. If the first condition in an OR chain matches, subsequent non-OR conditions may be skipped, altering rule evaluation. Affected versions include Tomcat 11.0.0-M1–11.0.22, 10.1.0-M1–10.1.55, 9...
CVE-2008-4308
CVE-2008-4308 affects Apache Tomcat 4.1.32–4.1.34 and 5.5.10–5.5.20. The root cause is improper handling in the doRead method, which does not return -1 to signal a certain error condition, allowing the possibility of POST data from one request being sent to another. The consequence is potential i...
CVE-2001-0590
CVE-2001-0590 affects Apache Tomcat Servlet prior to 3.2.2. A malformed URL request that does not end with a protocol (e.g., HTTP/1.0) can cause a remote attacker to read the source code of arbitrary JSP files, constituting information disclosure. The issue is confirmed in multiple sources tying ...
CVE-2007-3383
CVE-2007-3383 is an XSS flaw in Apache Tomcat’s SendMailServlet (examples/jsp/mail/sendmail.jsp) affecting Tomcat 4.0.0–4.0.6 and 4.1.0–4.1.36. The vulnerability allows remote attackers to inject arbitrary script/HTML via the From field (and possibly other fields) during error-message generation....
CVE-2025-55668
CVE-2025-55668 is a Session Fixation vulnerability in Apache Tomcat via a rewrite valve. Connected sources confirm affected branches: Tomcat 11.0.0-M1 through 11.0.7, 10.1.0-M1 through 10.1.41, and 9.0.0.M1 through 9.0.105 (older EOL versions may be affected). Debian advisories (DSA-6121-1 for to...
CVE-2006-7197
CVE-2006-7197 : The AJP connector in Apache Tomcat 5.5.15 (via mod_jk) has an incorrect chunk length that can cause a buffer over-read in ajp_process_callback, enabling a remote attacker to read memory portions. The linked records (e.g., GHSA-JPQR-VH55-XQXF and RHSA entries) confirm this vulnerab...
CVE-2007-6286
Apache Tomcat 5.5.11–5.5.25 and 6.0.0–6.0.15, when using the native APR connector, fail to properly handle an empty SSL-port request, allowing remote attackers to trigger a duplicate of a recent request (e.g., via netcat). See CVE-2007-6286. NT: Affected versions are confirmed in Nessus/OpenVAS e...
CVE-2002-1394
Apache Tomcat 4.x: vulnerability allows remote disclosure of server source code when using both the invoker servlet and the default servlet (Tomcat 4.0.5 and earlier). Root cause is exposure of server files through misconfigured/default servlet handling; impact is read access to source code and p...
CVE-2013-0346
The set of documents confirms CVE-2013-0346 affects Apache Tomcat 7.x, where the log directory and its files have world-readable permissions, potentially allowing local users to read sensitive information. The Solaris/Nessus plugin reiterates this claim and notes it as a reported vulnerability, w...
CVE-2025-55754
CVE-2025-55754 affects Apache Tomcat: improper neutralization of ANSI escape sequences in log messages could enable console/clipboard manipulation via crafted URLs. Affected: Tomcat 11.x (11.0.0-M1 to 11.0.10), 10.x (10.1.0-M1 to 10.1.44), 9.x (9.0.40 to 9.0.108), plus some EOL versions. Remediat...
CVE-2002-1148
CVE-2002-1148 refers to a vulnerability in Apache Tomcat where the default servlet (org.apache.catalina.servlets.DefaultServlet) on Tomcat 4.0.4, 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet. Connected sources (GHSA and OSS/ID...
CVE-2008-3271
CVE-2008-3271 affects Apache Tomcat 5.5.0 and Tomcat 4.1.0 through 4.1.31. The issue is a synchronization-related defect that allows a remote attacker to bypass IP address restrictions and obtain sensitive information when a request is processed concurrently with another in a different thread, re...
CVE-2026-55276
Apache Tomcat vulnerability CVE-2026-55276 is a logging-only issue caused by an always-incorrect control flow in the effective web.xml, leading to special roles and empty authorization constraints not being shown. Affected products include Tomcat 8.5.0–8.5.100, 9.0.0.M1–9.0.118, 10.1.0-M1–10.1.55...
CVE-2002-0682
Apache Tomcat - CVE-2002-0682: a cross-site scripting (XSS) flaw in the /servlet/ mapping allows remote attackers to execute script as other users by injecting script into a URL, triggered when an exception is thrown by the servlet. Affected version in the public record is Tomcat 4.0.3; vulnerabi...
CVE-2011-1419
Affected software: Apache Tomcat 7.x before 7.0.11. Component/behavior: ServletSecurity handling; when web.xml has no security constraints, Tomcat does not follow ServletSecurity annotations, enabling a remote bypass of access controls via HTTP requests. Root cause: incomplete fix for CVE-2011-10...
CVE-2002-0493
CVE-2002-0493 affects Apache Tomcat where the web.xml parsing could proceed with errors and allow Tomcat to start with improper security settings, bypassing intended access restrictions. Affected component: Tomcat startup/security settings during web.xml read. Root cause described across sources ...
CVE-2011-1582
CVE-2011-1582 affects Apache Tomcat 7.0.12 and 7.0.13, where the first request to a servlet is processed without enforcing security constraints configured via annotations, allowing bypass of access restrictions via HTTP requests. The issue is a consequence of an incomplete fix for CVE-2011-1088, ...
CVE-2003-0866
CVE-2003-0866 affects the Catalina org.apache.catalina.connector.http package in Apache Tomcat 4.0.x up to 4.0.6, where malformed HTTP requests can cause the request processing thread pool to become unresponsive, allowing a DoS. Public detail from GHSA confirms Tomcat 4.0.x DoS exposure; remediat...
CVE-2003-0043
Affected software: Jakarta Tomcat prior to 3.3.1a when used with JDK 1.3.1 or earlier. Root cause: processing of web.xml uses trusted privileges, enabling remote attackers to read portions of some files. Impact: information disclosure (partial). Exploitation details are not provided in the suppli...
CVE-2002-2007
The CVE-2002-2007 vulnerability affects Apache Tomcat 3.2.3 and 3.2.4, where remote attackers could obtain sensitive information (directory listings and web root path) via erroneous HTTP requests to JSP-related paths (test/jsp, samples/jsp, examples/jsp) or the test/realPath.jsp servlet, leaking ...
CVE-2010-4312
CVE-2010-4312 affects Apache Tomcat 6.x; the default configuration omits the HTTPOnly flag in Set-Cookie headers, enabling remote session hijacking via script access to cookies. This vulnerability is tied to the standard Tomcat 6.x deployment and is described as a cookie security flag omission th...
CVE-2002-1567
CVE-2002-1567 is an XSS vulnerability in Apache Tomcat 4.1 where an attacker can cause script execution and cookie theft by crafting a URL containing encoded newline characters that precede a .jsp request. The underlying issue is improper sanitization of request strings in Tomcat 4.1 (affecting 4...
CVE-2002-2006
CVE-2002-2006 affects Apache Tomcat 4.0–4.1 and 3.0–3.3.1. The vulnerability is an information disclosure: the default Tomcat distribution exposes installation path and other sensitive info via the Sno o pServlet and TroubleShooter example servlets. The issue is explicitly described as informatio...
CVE-2003-0045
CVE-2003-0045 describes a denial-of-service in Apache Tomcat where requesting a JSP page containing an MS-DOS device name (e.g., aux.jsp) on Windows can cause thread hangs and resource exhaustion. Affected: Tomcat versions prior to 3.3.1a on Windows (notably 3.0–3.3a line). Root cause: the JSP/se...
CVE-2005-3164
CVE-2005-3164 involves the AJP connector in Apache Tomcat (affected versions: 4.0.1–4.0.6 and 4.1.0–4.1.36) as used in Hitachi Cosminexus Application Server and standalone deployments. The vulnerability arises when a connection is broken before POST request body data is sent; this can lead to an ...
CVE-2026-43514
CVE-2026-43514 describes an observable timing discrepancy in comparing the AJP secret in Apache Tomcat. Affected are Tomcat 11.0.0-M1 through 11.0.21, 10.1.0-M1 through 10.1.54, 9.0.0.M1 through 9.0.117, 8.5.0 through 8.5.100, and 7.0.0 through 7.0.109 (older unsupported versions may also be affe...
CVE-2001-0829
Apache Tomcat 3.x is affected by a cross-site scripting vulnerability (CVE-2001-0829) in which a malicious user can craft a request for a JSP file so that the default error page echoes the user-supplied input without proper escaping. The root cause is the error page displaying unvalidated URLs, a...
CVE-2003-0042
CVE-2003-0042 affects Apache Jakarta Tomcat up to version 3.3.1a when used with JDK 1.3.1 or earlier. The vulnerability lets remote attackers cause directory listings and disclose JSP/source via a URL containing a null character, bypassing index.html or other welcome-file safeguards. Root cause i...
CVE-2005-0808
Apache Tomcat before 5.x is affected by a remote denial-of-service vulnerability triggered by a crafted AJP12 packet to TCP port 8007, which can cause the application to crash or stop responding. The vulnerability is attributed to handling of AJP12 input (malformed/input handling). Affected compo...
CVE-2007-3384
Apache Tomcat 3.3.x is affected by CVE-2007-3384: multiple XSS vulnerabilities in the examples/servlet/CookieExample allow remote attackers to inject arbitrary script/HTML via the Name or Value fields, related to error messages, in Tomcat 3.3 through 3.3.2. Exploitation details are described acro...
CVE-2000-1210
CVE-2000-1210 is a directory traversal vulnerability in the Tomcat source.jsp component prior to Apache Tomcat 3.1, allowing remote attackers to read arbitrary files by supplying a .. in the request. The issue affects the Tomcat distribution’s source.jsp endpoint and is caused by insufficient val...
CVE-2002-0936
CVE-2002-0936 affects the Java Server Pages (JSP) engine in Apache Tomcat. A JSP page that calls WPrinterJob().pageSetup(null,null) can cause a denial of service by crashing the web server. The published materials describe the vulnerability and impact but do not provide a listed fix or patch with...
CVE-2003-0044
CVE-2003-0044 covers multiple cross-site scripting (XSS) vulnerabilities in the Jakarta Tomcat 3.x line (through 3.3.1a) affecting the (1) examples and (2) ROOT web applications. Remote attackers could inject arbitrary script/HTML due to XSS in these components. This is documented across sources ...
CVE-2007-4724
CVE-2007-4724 describes a CSRF vulnerability in the Apache Tomcat calendar examples app, specifically in the file cal2.jsp of the calendar example. The issue allows a remote attacker to add events as arbitrary users by supplying the time and description parameters, enabling unauthorized calendar ...
CVE-2026-55955
CVE-2026-55955 describes an improper authentication flaw in Apache Tomcat’s EncryptionInterceptor for Tribes clustering, allowing a replay attack. Affected versions include Tomcat 11.0.0-M1–11.0.22, 10.1.0-M1–10.1.55, 9.0.13–9.0.18, 8.5.38–8.5.100, and 7.0.100–7.0.109. Remediation is to upgrade t...
CVE-2011-3376
CVE-2011-3376 affects Apache Tomcat 7.x before 7.0.22. The issue is in DefaultInstanceManager.java, where ContainerServlets in the Manager application are not properly restricted, enabling local users to gain privileges by using an untrusted web application to access Manager functionality. Impact...
CVE-2002-2008
CVE-2002-2008 concerns Apache Tomcat 4.0.3 for Windows. The vulnerability allows a remote attacker to disclose the web root path by requesting a resource that does not exist (e.g., lpt9), causing the server to leak information in the error page. This is an information-disclosure in the error hand...
CVE-2000-0759
The CVE-2000-0759 entry concerns Jakarta Tomcat 3.1 running under Apache, where requesting a nonexistent URL causes an error page that reveals the full physical path of the webroot. Root cause: information disclosure via error handling that leaks filesystem paths, enabling an attacker to map the ...
CVE-2001-0917
The CVE-2001-0917 entry concerns Apache Tomcat 4.0.1. The provided materials confirm an information-disclosure vulnerability where remote attackers can reveal the full install path of Tomcat by requesting a long URL that ends with a .JSP extension. The issue is tied to path disclosure via crafted...
CVE-2001-1563
CVE-2001-1563 refers to a vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 where attackers could access servlet resources. The vendor advisory is vague about full scope, but a public remediation exists: Apache Tomcat 3.2.4 fixes this issue. While the exact root cause isn’t deta...
CVE-2002-0935
The CVE-2002-0935 issue affects Apache Tomcat 4.0.3 and possibly earlier 4.1.3 beta; it enables remote denial of service through a flood of requests containing null characters, causing server threads to hang due to resource exhaustion. The vulnerability targets the HTTP request handling path, lea...
CVE-2002-1895
The vulnerability CVE-2002-1895 affects the Tomcat servlet engine in versions 3.3 and 4.0.4 when used with IIS and the ajp1.3 connector. Affected component: servlet engine; issue: remote attackers can trigger a denial of service (crash) by issuing a large sequence of HTTP GET requests for MS-DOS ...
CVE-2005-4703
CVE-2005-4703 affects Apache Tomcat 4.0.3 on Windows. When a request targets a file whose name matches an MS-DOS device name (e.g., lpt9), the server may disclose the pathname in an error message (demonstrated by lpt9.xtp, e.g., via Nikto). Root cause: improper handling of MS-DOS device names lea...