Tomcat Security Vulnerabilities and Issues — Tomcat CVE List

Lucene search

ApacheTomcat

9 matches found

CVE•added 2008/08/13 12:41 a.m.•173 views

CVE-2008-2938

Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-...

4.3CVSS7.5AI score0.92931EPSS

CVE•added 2008/02/12 1:0 a.m.•132 views

CVE-2007-5333

Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (") characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as session IDs to be leaked to remote attackers and en...

5CVSS4.7AI score0.83044EPSS

CVE•added 2008/08/04 1:41 a.m.•110 views

CVE-2008-2370

Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a .. (do...

5CVSS7.3AI score0.88991EPSS

CVE•added 2008/08/04 1:41 a.m.•109 views

CVE-2008-1232

Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to the HttpServletResponse.sendError method.

4.3CVSS6.5AI score0.38225EPSS

CVE•added 2008/06/04 7:32 p.m.•92 views

CVE-2008-1947

Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.

4.3CVSS6.6AI score0.49114EPSS

CVE•added 2008/01/23 2:0 a.m.•82 views

CVE-2008-0128

The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie...

5CVSS9AI score0.02898EPSS

CVE•added 2008/02/12 1:0 a.m.•77 views

CVE-2008-0002

Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting during this processing in order to trigger the excep...

5.8CVSS7.3AI score0.04097EPSS

CVE•added 2008/02/12 1:0 a.m.•68 views

CVE-2007-6286

Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recent requests," as demonstrated by using netcat to s...

4.3CVSS5.7AI score0.1187EPSS

CVE•added 2008/10/13 8:0 p.m.•53 views

CVE-2008-3271

Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a "synchro...

4.3CVSS5.9AI score0.043EPSS