apache tomcat 8.0 vulnerabilities and exploits

(subscribe to this query)

7.2

CVSSv2

The Tomcat init script in the tomcat7 package before 7.0.56-3+deb8u4 and tomcat8 package before 8.0.14-1+deb8u3 on Debian jessie and the tomcat6 and libtomcat6-java packages before 6.0.35-1ubuntu3.8 on Ubuntu 12.04 LTS, the tomcat7 and libtomcat7-java packages before...

Apache Tomcat 6.0 Apache Tomcat 7.0 Apache Tomcat 8.01 EDB exploit available7 Github repositories available

6.8

CVSSv2

Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by...

Apache Tomcat 8.0.29 Apache Tomcat 8.0.28 Apache Tomcat 8.0.11 Apache Tomcat 8.0.12 Apache Tomcat 8.0.23 Apache Tomcat 8.0.24 Apache Tomcat 7.0.14 Apache Tomcat 7.0.16 Apache Tomcat 7.0.25 Apache Tomcat 7.0.26 Apache Tomcat 7.0.35 Apache Tomcat 7.0.37 Apache Tomcat 7.0.5 Apache Tomcat 7.0.50 Apache Tomcat 7.0.59 Apache Tomcat 7.0.6 Apache Tomcat 8.0.27 Apache Tomcat 8.0.0 Apache Tomcat 8.0.14 Apache Tomcat 8.0.15 Apache Tomcat 8.0.26 Apache Tomcat 7.0.65 Apache Tomcat 7.0.19 Apache Tomcat 7.0.2 Apache Tomcat 7.0.27 Apache Tomcat 7.0.28 Apache Tomcat 7.0.39 Apache Tomcat 7.0.4 Apache Tomcat 7.0.52 Apache Tomcat 7.0.53 Apache Tomcat 7.0.61 Apache Tomcat 7.0.62 Apache Tomcat 7.0.63 Apache Tomcat 8.0.17 Apache Tomcat 8.0.18 Apache Tomcat 7.0.0 Apache Tomcat 7.0.10 Apache Tomcat 7.0.20 Apache Tomcat 7.0.21 Apache Tomcat 7.0.29 Apache Tomcat 7.0.30 Apache Tomcat 7.0.32 Apache Tomcat 7.0.40 Apache Tomcat 7.0.41 Apache Tomcat 7.0.54 Apache Tomcat 7.0.55 Apache Tomcat 7.0.64 Apache Tomcat 9.0.0 Apache Tomcat 8.0.3 Apache Tomcat 8.0.1 Apache Tomcat 8.0.20 Apache Tomcat 8.0.21 Apache Tomcat 8.0.22 Apache Tomcat 7.0.11 Apache Tomcat 7.0.12 Apache Tomcat 7.0.22 Apache Tomcat 7.0.23 Apache Tomcat 7.0.33 Apache Tomcat 7.0.34 Apache Tomcat 7.0.42 Apache Tomcat 7.0.47 Apache Tomcat 7.0.56 Apache Tomcat 7.0.57 Canonical Ubuntu Linux 14.04 Canonical Ubuntu Linux 12.04 Canonical Ubuntu Linux 16.04 Canonical Ubuntu Linux 15.10 Debian Debian Linux 8.0 Debian Debian Linux 7.01 Github repository available

4

CVSSv2

Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catalina/core/RestrictedServlets.properties list, which allows remote authenticated users to bypass...

Canonical Ubuntu Linux 12.04 Canonical Ubuntu Linux 15.10 Canonical Ubuntu Linux 14.04 Canonical Ubuntu Linux 16.04 Debian Debian Linux 8.0 Debian Debian Linux 7.0 Apache Tomcat 8.0.27 Apache Tomcat 7.0.67 Apache Tomcat 7.0.65 Apache Tomcat 8.0.18 Apache Tomcat 8.0.17 Apache Tomcat 8.0.0 Apache Tomcat 7.0.59 Apache Tomcat 7.0.57 Apache Tomcat 7.0.56 Apache Tomcat 7.0.47 Apache Tomcat 7.0.42 Apache Tomcat 7.0.34 Apache Tomcat 7.0.33 Apache Tomcat 7.0.23 Apache Tomcat 7.0.22 Apache Tomcat 7.0.12 Apache Tomcat 7.0.11 Apache Tomcat 6.0.4 Apache Tomcat 6.0.39 Apache Tomcat 6.0.28 Apache Tomcat 6.0.26 Apache Tomcat 6.0.16 Apache Tomcat 6.0.14 Apache Tomcat 6.0.0 Apache Tomcat 8.0.29 Apache Tomcat 8.0.28 Apache Tomcat 8.0.21 Apache Tomcat 8.0.20 Apache Tomcat 8.0.1 Apache Tomcat 7.0.61 Apache Tomcat 7.0.6 Apache Tomcat 7.0.50 Apache Tomcat 7.0.5 Apache Tomcat 7.0.37 Apache Tomcat 7.0.35 Apache Tomcat 7.0.27 Apache Tomcat 7.0.26 Apache Tomcat 7.0.25 Apache Tomcat 7.0.16 Apache Tomcat 7.0.14 Apache Tomcat 6.0.41 Apache Tomcat 6.0.30 Apache Tomcat 6.0.29 Apache Tomcat 6.0.2 Apache Tomcat 6.0.18 Apache Tomcat 6.0.1 Apache Tomcat 8.0.30 Apache Tomcat 8.0.3 Apache Tomcat 8.0.23 Apache Tomcat 8.0.22 Apache Tomcat 8.0.12 Apache Tomcat 8.0.11 Apache Tomcat 7.0.63 Apache Tomcat 7.0.62 Apache Tomcat 7.0.53 Apache Tomcat 7.0.52 Apache Tomcat 7.0.4 Apache Tomcat 7.0.39 Apache Tomcat 7.0.29 Apache Tomcat 7.0.28 Apache Tomcat 7.0.2 Apache Tomcat 7.0.19 Apache Tomcat 6.0.44 Apache Tomcat 6.0.43 Apache Tomcat 6.0.35 Apache Tomcat 6.0.33 Apache Tomcat 6.0.32 Apache Tomcat 6.0.10 Apache Tomcat 9.0.0 Apache Tomcat 8.0.26 Apache Tomcat 8.0.24 Apache Tomcat 8.0.15 Apache Tomcat 8.0.14 Apache Tomcat 7.0.64 Apache Tomcat 7.0.55 Apache Tomcat 7.0.54 Apache Tomcat 7.0.41 Apache Tomcat 7.0.40 Apache Tomcat 7.0.32 Apache Tomcat 7.0.30 Apache Tomcat 7.0.21 Apache Tomcat 7.0.20 Apache Tomcat 7.0.10 Apache Tomcat 7.0.0 Apache Tomcat 6.0.37 Apache Tomcat 6.0.36 Apache Tomcat 6.0.24 Apache Tomcat 6.0.20 Apache Tomcat 6.0.13 Apache Tomcat 6.0.11

4.3

CVSSv2

The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances....

Apache Tomcat 9.0.0 Apache Tomcat 8.5.6 Apache Tomcat 8.5.7 Apache Tomcat 8.5.15 Apache Tomcat 8.0.37 Apache Tomcat 8.0.44 Apache Tomcat 7.0.78 Apache Tomcat 7.0.77 Apache Tomcat 7.0.41 Apache Tomcat 7.0.42 Apache Tomcat 7.0.49 Apache Tomcat 7.0.50 Apache Tomcat 7.0.58 Apache Tomcat 7.0.59 Apache Tomcat 7.0.67 Apache Tomcat 7.0.68 Apache Tomcat 8.0 Apache Tomcat 8.0.1 Apache Tomcat 8.0.8 Apache Tomcat 8.0.9 Apache Tomcat 8.0.17 Apache Tomcat 8.0.18 Apache Tomcat 8.0.25 Apache Tomcat 8.0.26 Apache Tomcat 8.0.33 Apache Tomcat 8.0.34 Apache Tomcat 8.5.11 Apache Tomcat 8.5.12 Apache Tomcat 8.0.40 Apache Tomcat 8.0.41 Apache Tomcat 7.0.73 Apache Tomcat 7.0.74 Apache Tomcat 7.0.45 Apache Tomcat 7.0.46 Apache Tomcat 7.0.54 Apache Tomcat 7.0.55 Apache Tomcat 7.0.62 Apache Tomcat 7.0.63 Apache Tomcat 8.0.0 Apache Tomcat 8.0.4 Apache Tomcat 8.0.5 Apache Tomcat 8.0.12 Apache Tomcat 8.0.13 Apache Tomcat 8.0.14 Apache Tomcat 8.0.21 Apache Tomcat 8.0.22 Apache Tomcat 8.0.29 Apache Tomcat 8.0.30 Apache Tomcat 8.5.0 Apache Tomcat 8.5.1 Apache Tomcat 8.5.2 Apache Tomcat 8.5.8 Apache Tomcat 8.5.9 Apache Tomcat 8.5.10 Apache Tomcat 8.0.38 Apache Tomcat 8.0.39 Apache Tomcat 7.0.71 Apache Tomcat 7.0.72 Apache Tomcat 7.0.43 Apache Tomcat 7.0.44 Apache Tomcat 7.0.52 Apache Tomcat 7.0.53 Apache Tomcat 7.0.60 Apache Tomcat 7.0.61 Apache Tomcat 7.0.69 Apache Tomcat 7.0.70 Apache Tomcat 8.0.2 Apache Tomcat 8.0.3 Apache Tomcat 8.0.10 Apache Tomcat 8.0.11 Apache Tomcat 8.0.19 Apache Tomcat 8.0.20 Apache Tomcat 8.0.27 Apache Tomcat 8.0.28 Apache Tomcat 8.0.35 Apache Tomcat 8.0.36 Apache Tomcat 8.5.5 Apache Tomcat 8.5.13 Apache Tomcat 8.5.14 Apache Tomcat 8.0.42 Apache Tomcat 8.0.43 Apache Tomcat 7.0.75 Apache Tomcat 7.0.76 Apache Tomcat 7.0.47 Apache Tomcat 7.0.48 Apache Tomcat 7.0.56 Apache Tomcat 7.0.57 Apache Tomcat 7.0.64 Apache Tomcat 7.0.65 Apache Tomcat 7.0.66 Apache Tomcat 8.0.6 Apache Tomcat 8.0.7 Apache Tomcat 8.0.15 Apache Tomcat 8.0.16 Apache Tomcat 8.0.23 Apache Tomcat 8.0.24 Apache Tomcat 8.0.31 Apache Tomcat 8.0.32 Apache Tomcat 8.5.3 Apache Tomcat 8.5.42 Github repositories available

5

CVSSv2

A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple...

Apache Tomcat 7.0.33 Apache Tomcat 7.0.34 Apache Tomcat 7.0.22 Apache Tomcat 7.0.23 Apache Tomcat 7.0.30 Apache Tomcat 7.0.11 Apache Tomcat 7.0.18 Apache Tomcat 7.0.19 Apache Tomcat 7.0.7 Apache Tomcat 7.0.8 Apache Tomcat 7.0.45 Apache Tomcat 7.0.46 Apache Tomcat 7.0.54 Apache Tomcat 7.0.55 Apache Tomcat 7.0.63 Apache Tomcat 7.0.64 Apache Tomcat 7.0.71 Apache Tomcat 7.0.72 Apache Tomcat 8.0.1 Apache Tomcat 8.0.2 Apache Tomcat 8.0.3 Apache Tomcat 8.0.10 Apache Tomcat 8.0.11 Apache Tomcat 8.0.18 Apache Tomcat 8.0.19 Apache Tomcat 8.0.27 Apache Tomcat 8.0.28 Apache Tomcat 8.0.35 Apache Tomcat 8.0.36 Apache Tomcat 8.5.3 Apache Tomcat 8.5.4 Apache Tomcat 9.0.0 Apache Tomcat 7.0.35 Apache Tomcat 7.0.36 Apache Tomcat 7.0.24 Apache Tomcat 7.0.25 Apache Tomcat 7.0.12 Apache Tomcat 7.0.13 Apache Tomcat 7.0.20 Apache Tomcat 7.0.1 Apache Tomcat 7.0.9 Apache Tomcat 7.0.0 Apache Tomcat 7.0.47 Apache Tomcat 7.0.48 Apache Tomcat 7.0.56 Apache Tomcat 7.0.57 Apache Tomcat 7.0.58 Apache Tomcat 7.0.65 Apache Tomcat 7.0.66 Apache Tomcat 7.0.73 Apache Tomcat 8.0 Apache Tomcat 8.0.4 Apache Tomcat 8.0.5 Apache Tomcat 8.0.12 Apache Tomcat 8.0.13 Apache Tomcat 8.0.20 Apache Tomcat 8.0.21 Apache Tomcat 8.0.29 Apache Tomcat 8.0.30 Apache Tomcat 8.0.37 Apache Tomcat 8.0.38 Apache Tomcat 8.5.5 Apache Tomcat 8.5.6 Apache Tomcat 7.0.31 Apache Tomcat 7.0.32 Apache Tomcat 7.0.40 Apache Tomcat 7.0.21 Apache Tomcat 7.0.28 Apache Tomcat 7.0.29 Apache Tomcat 7.0.16 Apache Tomcat 7.0.17 Apache Tomcat 7.0.5 Apache Tomcat 7.0.6 Apache Tomcat 7.0.43 Apache Tomcat 7.0.44 Apache Tomcat 7.0.52 Apache Tomcat 7.0.53 Apache Tomcat 7.0.61 Apache Tomcat 7.0.62 Apache Tomcat 7.0.69 Apache Tomcat 7.0.70 Apache Tomcat 8.0.0 Apache Tomcat 8.0.8 Apache Tomcat 8.0.9 Apache Tomcat 8.0.16 Apache Tomcat 8.0.17 Apache Tomcat 8.0.24 Apache Tomcat 8.0.25 Apache Tomcat 8.0.26 Apache Tomcat 8.0.33 Apache Tomcat 8.0.34 Apache Tomcat 8.5.1 Apache Tomcat 8.5.2 Apache Tomcat 7.0.37 Apache Tomcat 7.0.38 Apache Tomcat 7.0.39 Apache Tomcat 7.0.26 Apache Tomcat 7.0.27 Apache Tomcat 7.0.14 Apache Tomcat 7.0.15 Apache Tomcat 7.0.2 Apache Tomcat 7.0.3 Apache Tomcat 7.0.4 Apache Tomcat 7.0.41 Apache Tomcat 7.0.42 Apache Tomcat 7.0.49 Apache Tomcat 7.0.50 Apache Tomcat 7.0.59 Apache Tomcat 7.0.60 Apache Tomcat 7.0.67 Apache Tomcat 7.0.68 Apache Tomcat 8.0.6 Apache Tomcat 8.0.7 Apache Tomcat 8.0.14 Apache Tomcat 8.0.15 Apache Tomcat 8.0.22 Apache Tomcat 8.0.23 Apache Tomcat 8.0.31 Apache Tomcat 8.0.32 Apache Tomcat 8.0.39 Apache Tomcat 8.5.0 Apache Tomcat 8.5.7 Apache Tomcat 8.5.82 Github repositories available2 Articles available

6.5

CVSSv2

The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, which allows remote...

Debian Debian Linux 8.0 Debian Debian Linux 7.0 Apache Tomcat 8.0.30 Apache Tomcat 8.0.3 Apache Tomcat 8.0.24 Apache Tomcat 8.0.23 Apache Tomcat 8.0.12 Apache Tomcat 8.0.11 Apache Tomcat 7.0.63 Apache Tomcat 7.0.62 Apache Tomcat 7.0.54 Apache Tomcat 7.0.53 Apache Tomcat 7.0.4 Apache Tomcat 8.0.27 Apache Tomcat 7.0.67 Apache Tomcat 8.0.20 Apache Tomcat 8.0.18 Apache Tomcat 8.0.17 Apache Tomcat 8.0.0 Apache Tomcat 7.0.59 Apache Tomcat 7.0.57 Apache Tomcat 7.0.47 Apache Tomcat 7.0.42 Apache Tomcat 7.0.34 Apache Tomcat 7.0.33 Apache Tomcat 7.0.25 Apache Tomcat 7.0.23 Apache Tomcat 7.0.12 Apache Tomcat 7.0.11 Apache Tomcat 9.0.0 Apache Tomcat 7.0.65 Apache Tomcat 8.0.26 Apache Tomcat 8.0.15 Apache Tomcat 8.0.14 Apache Tomcat 7.0.64 Apache Tomcat 7.0.56 Apache Tomcat 7.0.55 Apache Tomcat 7.0.41 Apache Tomcat 7.0.40 Apache Tomcat 7.0.32 Apache Tomcat 7.0.30 Apache Tomcat 7.0.22 Apache Tomcat 7.0.21 Apache Tomcat 7.0.10 Apache Tomcat 7.0.0 Apache Tomcat 7.0.39 Apache Tomcat 7.0.29 Apache Tomcat 7.0.28 Apache Tomcat 7.0.20 Apache Tomcat 7.0.2 Apache Tomcat 8.0.29 Apache Tomcat 8.0.28 Apache Tomcat 8.0.22 Apache Tomcat 8.0.21 Apache Tomcat 8.0.1 Apache Tomcat 7.0.61 Apache Tomcat 7.0.6 Apache Tomcat 7.0.52 Apache Tomcat 7.0.50 Apache Tomcat 7.0.5 Apache Tomcat 7.0.37 Apache Tomcat 7.0.35 Apache Tomcat 7.0.27 Apache Tomcat 7.0.26 Apache Tomcat 7.0.19 Apache Tomcat 7.0.16 Apache Tomcat 7.0.14 Canonical Ubuntu Linux 14.04 Canonical Ubuntu Linux 16.04 Canonical Ubuntu Linux 12.04 Canonical Ubuntu Linux 15.10

6.5

CVSSv2

The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary...

Apache Tomcat 8.0.29 Apache Tomcat 8.0.28 Apache Tomcat 8.0.20 Apache Tomcat 8.0.18 Apache Tomcat 8.0.0 Apache Tomcat 7.0.6 Apache Tomcat 7.0.59 Apache Tomcat 7.0.5 Apache Tomcat 7.0.47 Apache Tomcat 7.0.35 Apache Tomcat 7.0.34 Apache Tomcat 7.0.26 Apache Tomcat 7.0.25 Apache Tomcat 7.0.23 Apache Tomcat 7.0.14 Apache Tomcat 7.0.12 Apache Tomcat 6.0.4 Apache Tomcat 6.0.29 Apache Tomcat 8.0.27 Apache Tomcat 9.0.0 Apache Tomcat 8.0.17 Apache Tomcat 8.0.15 Apache Tomcat 7.0.57 Apache Tomcat 7.0.56 Apache Tomcat 7.0.55 Apache Tomcat 7.0.42 Apache Tomcat 7.0.41 Apache Tomcat 7.0.33 Apache Tomcat 7.0.32 Apache Tomcat 7.0.22 Apache Tomcat 7.0.21 Apache Tomcat 7.0.11 Apache Tomcat 7.0.10 Apache Tomcat 6.0.39 Apache Tomcat 6.0.37 Apache Tomcat 6.0.26 Apache Tomcat 6.0.24 Apache Tomcat 6.0.14 Apache Tomcat 6.0.13 Apache Tomcat 8.0.30 Apache Tomcat 8.0.3 Apache Tomcat 8.0.22 Apache Tomcat 8.0.21 Apache Tomcat 8.0.11 Apache Tomcat 8.0.1 Apache Tomcat 7.0.62 Apache Tomcat 7.0.61 Apache Tomcat 7.0.52 Apache Tomcat 7.0.50 Apache Tomcat 7.0.39 Apache Tomcat 7.0.37 Apache Tomcat 7.0.28 Apache Tomcat 7.0.27 Apache Tomcat 7.0.19 Apache Tomcat 7.0.16 Apache Tomcat 6.0.43 Apache Tomcat 6.0.41 Apache Tomcat 6.0.33 Apache Tomcat 6.0.32 Apache Tomcat 6.0.30 Apache Tomcat 6.0.2 Apache Tomcat 6.0.1 Apache Tomcat 6.0.28 Apache Tomcat 6.0.18 Apache Tomcat 6.0.16 Apache Tomcat 6.0.0 Apache Tomcat 7.0.67 Apache Tomcat 7.0.65 Apache Tomcat 8.0.26 Apache Tomcat 8.0.24 Apache Tomcat 8.0.23 Apache Tomcat 8.0.14 Apache Tomcat 8.0.12 Apache Tomcat 7.0.64 Apache Tomcat 7.0.63 Apache Tomcat 7.0.54 Apache Tomcat 7.0.53 Apache Tomcat 7.0.40 Apache Tomcat 7.0.4 Apache Tomcat 7.0.30 Apache Tomcat 7.0.29 Apache Tomcat 7.0.20 Apache Tomcat 7.0.2 Apache Tomcat 7.0.0 Apache Tomcat 6.0.44 Apache Tomcat 6.0.36 Apache Tomcat 6.0.35 Apache Tomcat 6.0.20 Apache Tomcat 6.0.11 Apache Tomcat 6.0.10 Debian Debian Linux 8.0 Debian Debian Linux 7.0 Canonical Ubuntu Linux 16.04 Canonical Ubuntu Linux 15.10 Canonical Ubuntu Linux 14.04 Canonical Ubuntu Linux 12.043 Github repositories available

7.8

CVSSv2

The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long...

Hp Icewall Sso Agent Option 10.0 Hp Icewall Identity Manager 5.0 Apache Tomcat 9.0.0 Apache Tomcat 8.0.32 Apache Tomcat 8.0.3 Apache Tomcat 8.0.30 Apache Tomcat 8.0.22 Apache Tomcat 8.0.21 Apache Tomcat 8.0.11 Apache Tomcat 8.0.1 Apache Tomcat 8.0.8 Apache Tomcat 8.0.5 Apache Tomcat 8.0.27 Apache Tomcat 8.0.26 Apache Tomcat 8.0.17 Apache Tomcat 8.0.15 Apache Tomcat 8.0.0 Apache Tomcat 8.0.35 Apache Tomcat 8.0.33 Apache Tomcat 8.0.24 Apache Tomcat 8.0.23 Apache Tomcat 8.0.14 Apache Tomcat 8.0.12 Apache Tomcat 8.0.29 Apache Tomcat 8.0.28 Apache Tomcat 8.0.20 Apache Tomcat 8.0.18 Debian Debian Linux 8.0 Apache Tomcat 8.5.2 Apache Tomcat 8.5.0 Apache Commons Fileupload Canonical Ubuntu Linux 16.04 Canonical Ubuntu Linux 15.10 Canonical Ubuntu Linux 14.04 Canonical Ubuntu Linux 12.04 Apache Tomcat 7.0.65 Apache Tomcat 7.0.64 Apache Tomcat 7.0.55 Apache Tomcat 7.0.54 Apache Tomcat 7.0.53 Apache Tomcat 7.0.52 Apache Tomcat 7.0.61 Apache Tomcat 7.0.6 Apache Tomcat 7.0.59 Apache Tomcat 7.0.5 Apache Tomcat 7.0.47 Apache Tomcat 7.0.37 Apache Tomcat 7.0.35 Apache Tomcat 7.0.26 Apache Tomcat 7.0.25 Apache Tomcat 7.0.19 Apache Tomcat 7.0.16 Apache Tomcat 7.0.0 Apache Tomcat 7.0.8 Apache Tomcat 7.0.67 Apache Tomcat 7.0.57 Apache Tomcat 7.0.56 Apache Tomcat 7.0.42 Apache Tomcat 7.0.41 Apache Tomcat 7.0.34 Apache Tomcat 7.0.33 Apache Tomcat 7.0.23 Apache Tomcat 7.0.22 Apache Tomcat 7.0.14 Apache Tomcat 7.0.12 Apache Tomcat 7.0.40 Apache Tomcat 7.0.4 Apache Tomcat 7.0.32 Apache Tomcat 7.0.30 Apache Tomcat 7.0.21 Apache Tomcat 7.0.20 Apache Tomcat 7.0.11 Apache Tomcat 7.0.10 Apache Tomcat 7.0.69 Apache Tomcat 7.0.68 Apache Tomcat 7.0.63 Apache Tomcat 7.0.62 Apache Tomcat 7.0.50 Apache Tomcat 7.0.39 Apache Tomcat 7.0.29 Apache Tomcat 7.0.28 Apache Tomcat 7.0.27 Apache Tomcat 7.0.2 Apache Tomcat 7.0.1

4

CVSSv2

Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a...

Debian Debian Linux 8.0 Debian Debian Linux 7.0 Apache Tomcat 8.0.20 Apache Tomcat 8.0.18 Apache Tomcat 8.0.17 Apache Tomcat 8.0.0 Apache Tomcat 8.0.24 Apache Tomcat 8.0.23 Apache Tomcat 8.0.12 Apache Tomcat 8.0.11 Apache Tomcat 7.0.63 Apache Tomcat 7.0.62 Apache Tomcat 7.0.54 Apache Tomcat 7.0.53 Apache Tomcat 7.0.4 Apache Tomcat 7.0.39 Apache Tomcat 7.0.29 Apache Tomcat 7.0.28 Apache Tomcat 7.0.20 Apache Tomcat 7.0.2 Apache Tomcat 7.0.19 Apache Tomcat 6.0.44 Apache Tomcat 6.0.43 Apache Tomcat 6.0.35 Apache Tomcat 6.0.33 Apache Tomcat 6.0.2 Apache Tomcat 6.0.10 Apache Tomcat 6.0.1 Apache Tomcat 8.0.22 Apache Tomcat 8.0.21 Apache Tomcat 8.0.1 Apache Tomcat 7.0.61 Apache Tomcat 7.0.6 Apache Tomcat 7.0.52 Apache Tomcat 7.0.50 Apache Tomcat 7.0.5 Apache Tomcat 7.0.37 Apache Tomcat 7.0.35 Apache Tomcat 7.0.27 Apache Tomcat 7.0.26 Apache Tomcat 7.0.16 Apache Tomcat 7.0.14 Apache Tomcat 6.0.41 Apache Tomcat 6.0.4 Apache Tomcat 6.0.32 Apache Tomcat 6.0.30 Apache Tomcat 6.0.18 Apache Tomcat 6.0.0 Apache Tomcat 8.0.26 Apache Tomcat 8.0.15 Apache Tomcat 8.0.14 Apache Tomcat 7.0.64 Apache Tomcat 7.0.56 Apache Tomcat 7.0.55 Apache Tomcat 7.0.41 Apache Tomcat 7.0.40 Apache Tomcat 7.0.32 Apache Tomcat 7.0.30 Apache Tomcat 7.0.22 Apache Tomcat 7.0.21 Apache Tomcat 7.0.10 Apache Tomcat 7.0.0 Apache Tomcat 6.0.37 Apache Tomcat 6.0.36 Apache Tomcat 6.0.26 Apache Tomcat 6.0.24 Apache Tomcat 6.0.20 Apache Tomcat 6.0.13 Apache Tomcat 6.0.11 Apache Tomcat 7.0.59 Apache Tomcat 7.0.57 Apache Tomcat 7.0.47 Apache Tomcat 7.0.42 Apache Tomcat 7.0.34 Apache Tomcat 7.0.33 Apache Tomcat 7.0.25 Apache Tomcat 7.0.23 Apache Tomcat 7.0.12 Apache Tomcat 7.0.11 Apache Tomcat 6.0.39 Apache Tomcat 6.0.29 Apache Tomcat 6.0.28 Apache Tomcat 6.0.16 Apache Tomcat 6.0.14 Canonical Ubuntu Linux 14.04 Canonical Ubuntu Linux 12.04 Canonical Ubuntu Linux 16.04 Canonical Ubuntu Linux 15.10

6.8

CVSSv2

The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protection mechanism by using a...

Apache Tomcat 7.0.65 Apache Tomcat 7.0.0 Apache Tomcat 7.0.2 Apache Tomcat 7.0.20 Apache Tomcat 7.0.28 Apache Tomcat 7.0.29 Apache Tomcat 7.0.30 Apache Tomcat 7.0.4 Apache Tomcat 7.0.40 Apache Tomcat 7.0.53 Apache Tomcat 7.0.54 Apache Tomcat 7.0.63 Apache Tomcat 7.0.64 Apache Tomcat 9.0.0 Apache Tomcat 8.0.30 Apache Tomcat 8.0.3 Apache Tomcat 7.0.10 Apache Tomcat 7.0.11 Apache Tomcat 7.0.21 Apache Tomcat 7.0.22 Apache Tomcat 7.0.32 Apache Tomcat 7.0.33 Apache Tomcat 7.0.41 Apache Tomcat 7.0.42 Apache Tomcat 7.0.55 Apache Tomcat 7.0.56 Apache Tomcat 8.0.0 Apache Tomcat 8.0.15 Apache Tomcat 8.0.17 Apache Tomcat 8.0.26 Apache Tomcat 8.0.29 Apache Tomcat 8.0.28 Apache Tomcat 7.0.12 Apache Tomcat 7.0.14 Apache Tomcat 7.0.23 Apache Tomcat 7.0.25 Apache Tomcat 7.0.34 Apache Tomcat 7.0.35 Apache Tomcat 7.0.47 Apache Tomcat 7.0.5 Apache Tomcat 7.0.57 Apache Tomcat 7.0.59 Apache Tomcat 8.0.18 Apache Tomcat 8.0.20 Apache Tomcat 8.0.12 Apache Tomcat 8.0.14 Apache Tomcat 8.0.23 Apache Tomcat 8.0.24 Apache Tomcat 8.0.27 Apache Tomcat 7.0.67 Apache Tomcat 7.0.16 Apache Tomcat 7.0.19 Apache Tomcat 7.0.26 Apache Tomcat 7.0.27 Apache Tomcat 7.0.37 Apache Tomcat 7.0.39 Apache Tomcat 7.0.50 Apache Tomcat 7.0.52 Apache Tomcat 7.0.6 Apache Tomcat 7.0.61 Apache Tomcat 7.0.62 Apache Tomcat 8.0.1 Apache Tomcat 8.0.11 Apache Tomcat 8.0.21 Apache Tomcat 8.0.22 Debian Debian Linux 8.0 Debian Debian Linux 7.0 Canonical Ubuntu Linux 14.04 Canonical Ubuntu Linux 12.04 Canonical Ubuntu Linux 16.04 Canonical Ubuntu Linux 15.10

Get Started

1 2 3 4 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook