Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

apache tomcat 8.0.22 vulnerabilities and exploits

(subscribe to this query)

6.8
CVSSv2
CVE-2015-5346
A vulnerability in Apache Tomcat could allow an unauthenticated, remote attacker to manipulate the session ID on a targeted system. The vulnerability is due to improper handling of request objects by the affected software. An attacker could exploit this vulnerability by reusing...
4
CVSSv2
CVE-2016-0706
Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catalina/core/RestrictedServlets.properties list, which allows remote authenticated users to bypass...
Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 15.10Canonical Ubuntu Linux 14.04Debian Debian Linux 8.0Debian Debian Linux 7.0Apache Tomcat 7.0.2Apache Tomcat 6.0.33Apache Tomcat 6.0.0Apache Tomcat 8.0.30Apache Tomcat 6.0.39Apache Tomcat 7.0.12Apache Tomcat 7.0.62Apache Tomcat 8.0.17Apache Tomcat 7.0.53Apache Tomcat 6.0.4Apache Tomcat 7.0.20Apache Tomcat 6.0.11Apache Tomcat 7.0.34Apache Tomcat 8.0.26Apache Tomcat 7.0.55Apache Tomcat 7.0.4Apache Tomcat 7.0.63Apache Tomcat 8.0.20Apache Tomcat 7.0.22Apache Tomcat 7.0.39Apache Tomcat 7.0.26Apache Tomcat 9.0.0Apache Tomcat 7.0.28Apache Tomcat 8.0.1Apache Tomcat 8.0.0Apache Tomcat 7.0.59Apache Tomcat 7.0.65Apache Tomcat 6.0.44Apache Tomcat 7.0.50Apache Tomcat 7.0.6Apache Tomcat 6.0.20Apache Tomcat 8.0.12Apache Tomcat 7.0.14Apache Tomcat 6.0.10Apache Tomcat 8.0.27Apache Tomcat 8.0.15Apache Tomcat 6.0.29Apache Tomcat 7.0.11Apache Tomcat 7.0.67Apache Tomcat 7.0.23Apache Tomcat 7.0.0Apache Tomcat 6.0.1Apache Tomcat 6.0.24Apache Tomcat 8.0.22Apache Tomcat 8.0.29Apache Tomcat 6.0.37Apache Tomcat 7.0.52Apache Tomcat 7.0.42Apache Tomcat 6.0.32Apache Tomcat 6.0.28Apache Tomcat 7.0.37Apache Tomcat 7.0.29Apache Tomcat 8.0.11Apache Tomcat 8.0.24Apache Tomcat 8.0.23Apache Tomcat 7.0.47Apache Tomcat 7.0.5Apache Tomcat 8.0.21Apache Tomcat 6.0.14Apache Tomcat 7.0.41Apache Tomcat 7.0.30Apache Tomcat 7.0.19Apache Tomcat 7.0.16Apache Tomcat 6.0.41Apache Tomcat 7.0.10Apache Tomcat 8.0.18Apache Tomcat 7.0.25Apache Tomcat 7.0.54Apache Tomcat 7.0.35Apache Tomcat 7.0.61Apache Tomcat 8.0.3Apache Tomcat 6.0.18Apache Tomcat 7.0.57Apache Tomcat 6.0.2Apache Tomcat 8.0.14Apache Tomcat 7.0.32Apache Tomcat 6.0.43Apache Tomcat 7.0.21Apache Tomcat 7.0.27Apache Tomcat 7.0.40Apache Tomcat 6.0.30Apache Tomcat 6.0.13Apache Tomcat 7.0.56Apache Tomcat 6.0.26Apache Tomcat 8.0.28Apache Tomcat 7.0.64Apache Tomcat 6.0.35Apache Tomcat 6.0.16Apache Tomcat 6.0.36Apache Tomcat 7.0.33
6.8
CVSSv2
CVE-2015-5351
The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protection mechanism by using a...
Apache Tomcat 7.0.2Apache Tomcat 8.0.30Apache Tomcat 7.0.12Apache Tomcat 7.0.62Apache Tomcat 8.0.17Apache Tomcat 7.0.53Apache Tomcat 7.0.20Apache Tomcat 7.0.34Apache Tomcat 8.0.26Apache Tomcat 7.0.55Apache Tomcat 7.0.4Apache Tomcat 7.0.63Apache Tomcat 8.0.20Apache Tomcat 7.0.22Apache Tomcat 7.0.39Apache Tomcat 7.0.26Apache Tomcat 9.0.0Apache Tomcat 7.0.28Apache Tomcat 8.0.1Apache Tomcat 8.0.0Apache Tomcat 7.0.59Apache Tomcat 7.0.65Apache Tomcat 7.0.50Apache Tomcat 7.0.6Apache Tomcat 8.0.12Apache Tomcat 7.0.14Apache Tomcat 8.0.27Apache Tomcat 8.0.15Apache Tomcat 7.0.11Apache Tomcat 7.0.67Apache Tomcat 7.0.23Apache Tomcat 7.0.0Apache Tomcat 8.0.22Apache Tomcat 8.0.29Apache Tomcat 7.0.52Apache Tomcat 7.0.42Apache Tomcat 7.0.37Apache Tomcat 7.0.29Apache Tomcat 8.0.11Apache Tomcat 8.0.24Apache Tomcat 8.0.23Apache Tomcat 7.0.47Apache Tomcat 7.0.5Apache Tomcat 8.0.21Apache Tomcat 7.0.41Apache Tomcat 7.0.30Apache Tomcat 7.0.19Apache Tomcat 7.0.16Apache Tomcat 7.0.10Apache Tomcat 8.0.18Apache Tomcat 7.0.25Apache Tomcat 7.0.54Apache Tomcat 7.0.35Apache Tomcat 7.0.61Apache Tomcat 8.0.3Apache Tomcat 7.0.57Apache Tomcat 8.0.14Apache Tomcat 7.0.32Apache Tomcat 7.0.21Apache Tomcat 7.0.27Apache Tomcat 7.0.40Apache Tomcat 7.0.56Apache Tomcat 8.0.28Apache Tomcat 7.0.64Apache Tomcat 7.0.33Debian Debian Linux 8.0Debian Debian Linux 7.0Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 15.10Canonical Ubuntu Linux 14.04
6.5
CVSSv2
CVE-2016-0763
The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, which allows remote...
Debian Debian Linux 8.0Debian Debian Linux 7.0Apache Tomcat 7.0.2Apache Tomcat 8.0.30Apache Tomcat 7.0.12Apache Tomcat 7.0.62Apache Tomcat 8.0.17Apache Tomcat 7.0.53Apache Tomcat 7.0.20Apache Tomcat 7.0.34Apache Tomcat 8.0.26Apache Tomcat 7.0.55Apache Tomcat 7.0.4Apache Tomcat 7.0.63Apache Tomcat 8.0.20Apache Tomcat 7.0.22Apache Tomcat 7.0.39Apache Tomcat 7.0.26Apache Tomcat 9.0.0Apache Tomcat 7.0.28Apache Tomcat 8.0.1Apache Tomcat 8.0.0Apache Tomcat 7.0.59Apache Tomcat 7.0.65Apache Tomcat 7.0.50Apache Tomcat 7.0.6Apache Tomcat 8.0.12Apache Tomcat 7.0.14Apache Tomcat 8.0.27Apache Tomcat 8.0.15Apache Tomcat 7.0.11Apache Tomcat 7.0.67Apache Tomcat 7.0.23Apache Tomcat 7.0.0Apache Tomcat 8.0.22Apache Tomcat 8.0.29Apache Tomcat 7.0.52Apache Tomcat 7.0.42Apache Tomcat 7.0.37Apache Tomcat 7.0.29Apache Tomcat 8.0.11Apache Tomcat 8.0.24Apache Tomcat 8.0.23Apache Tomcat 7.0.47Apache Tomcat 7.0.5Apache Tomcat 8.0.21Apache Tomcat 7.0.41Apache Tomcat 7.0.30Apache Tomcat 7.0.19Apache Tomcat 7.0.16Apache Tomcat 7.0.10Apache Tomcat 8.0.18Apache Tomcat 7.0.25Apache Tomcat 7.0.54Apache Tomcat 7.0.35Apache Tomcat 7.0.61Apache Tomcat 8.0.3Apache Tomcat 7.0.57Apache Tomcat 8.0.14Apache Tomcat 7.0.32Apache Tomcat 7.0.21Apache Tomcat 7.0.27Apache Tomcat 7.0.40Apache Tomcat 7.0.56Apache Tomcat 8.0.28Apache Tomcat 7.0.64Apache Tomcat 7.0.33Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 15.10Canonical Ubuntu Linux 14.04
6.5
CVSSv2
CVE-2016-0714
The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary...
Apache Tomcat 7.0.2Apache Tomcat 6.0.33Apache Tomcat 6.0.0Apache Tomcat 8.0.30Apache Tomcat 6.0.39Apache Tomcat 7.0.12Apache Tomcat 7.0.62Apache Tomcat 8.0.17Apache Tomcat 7.0.53Apache Tomcat 6.0.4Apache Tomcat 7.0.20Apache Tomcat 6.0.11Apache Tomcat 7.0.34Apache Tomcat 8.0.26Apache Tomcat 7.0.55Apache Tomcat 7.0.4Apache Tomcat 7.0.63Apache Tomcat 8.0.20Apache Tomcat 7.0.22Apache Tomcat 7.0.39Apache Tomcat 7.0.26Apache Tomcat 9.0.0Apache Tomcat 7.0.28Apache Tomcat 8.0.1Apache Tomcat 8.0.0Apache Tomcat 7.0.59Apache Tomcat 7.0.65Apache Tomcat 6.0.44Apache Tomcat 7.0.50Apache Tomcat 7.0.6Apache Tomcat 6.0.20Apache Tomcat 8.0.12Apache Tomcat 7.0.14Apache Tomcat 6.0.10Apache Tomcat 8.0.27Apache Tomcat 8.0.15Apache Tomcat 6.0.29Apache Tomcat 7.0.11Apache Tomcat 7.0.67Apache Tomcat 7.0.23Apache Tomcat 7.0.0Apache Tomcat 6.0.1Apache Tomcat 6.0.24Apache Tomcat 8.0.22Apache Tomcat 8.0.29Apache Tomcat 6.0.37Apache Tomcat 7.0.52Apache Tomcat 7.0.42Apache Tomcat 6.0.32Apache Tomcat 6.0.28Apache Tomcat 7.0.37Apache Tomcat 7.0.29Apache Tomcat 8.0.11Apache Tomcat 8.0.24Apache Tomcat 8.0.23Apache Tomcat 7.0.47Apache Tomcat 7.0.5Apache Tomcat 8.0.21Apache Tomcat 6.0.14Apache Tomcat 7.0.41Apache Tomcat 7.0.30Apache Tomcat 7.0.19Apache Tomcat 7.0.16Apache Tomcat 6.0.41Apache Tomcat 7.0.10Apache Tomcat 8.0.18Apache Tomcat 7.0.25Apache Tomcat 7.0.54Apache Tomcat 7.0.35Apache Tomcat 7.0.61Apache Tomcat 8.0.3Apache Tomcat 6.0.18Apache Tomcat 7.0.57Apache Tomcat 6.0.2Apache Tomcat 8.0.14Apache Tomcat 7.0.32Apache Tomcat 6.0.43Apache Tomcat 7.0.21Apache Tomcat 7.0.27Apache Tomcat 7.0.40Apache Tomcat 6.0.30Apache Tomcat 6.0.13Apache Tomcat 7.0.56Apache Tomcat 6.0.26Apache Tomcat 8.0.28Apache Tomcat 7.0.64Apache Tomcat 6.0.35Apache Tomcat 6.0.16Apache Tomcat 6.0.36Apache Tomcat 7.0.33Debian Debian Linux 8.0Debian Debian Linux 7.0Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 15.10Canonical Ubuntu Linux 14.04
6.8
CVSSv2
CVE-2016-6816
The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid...
Apache Tomcat 6.0.33Apache Tomcat 6.0.39Apache Tomcat 6.0.6Apache Tomcat 6.0.11Apache Tomcat 6.0.34Apache Tomcat 6.0.47Apache Tomcat 6.0.22Apache Tomcat 6.0.25Apache Tomcat 6.0.7Apache Tomcat 6.0.4Apache Tomcat 6.0.15Apache Tomcat 6.0.42Apache Tomcat 6.0.44Apache Tomcat 6.0.20Apache Tomcat 6.0.21Apache Tomcat 6.0.10Apache Tomcat 6.0.31Apache Tomcat 6.0.29Apache Tomcat 6.0.3Apache Tomcat 6.0.9Apache Tomcat 6.0.24Apache Tomcat 6.0.38Apache Tomcat 6.0.23Apache Tomcat 6.0.37Apache Tomcat 6.0.17Apache Tomcat 6.0.32Apache Tomcat 6.0.28Apache Tomcat 6.0.0Apache Tomcat 6.0.14Apache Tomcat 6.0.45Apache Tomcat 6.0.41Apache Tomcat 6.0.1Apache Tomcat 6.0.12Apache Tomcat 6.0.18Apache Tomcat 6.0.46Apache Tomcat 6.0.43Apache Tomcat 6.0.5Apache Tomcat 6.0.30Apache Tomcat 6.0.2Apache Tomcat 6.0.13Apache Tomcat 6.0.40Apache Tomcat 6.0.26Apache Tomcat 6.0.19Apache Tomcat 6.0.27Apache Tomcat 6.0.35Apache Tomcat 6.0.16Apache Tomcat 6.0.36Apache Tomcat 6.0.8Apache Tomcat 7.0.49Apache Tomcat 7.0.12Apache Tomcat 7.0.62Apache Tomcat 7.0.53Apache Tomcat 7.0.20Apache Tomcat 7.0.34Apache Tomcat 7.0.58Apache Tomcat 7.0.8Apache Tomcat 7.0.55Apache Tomcat 7.0.1Apache Tomcat 7.0.2Apache Tomcat 7.0.5Apache Tomcat 7.0.51Apache Tomcat 7.0.63Apache Tomcat 7.0.22Apache Tomcat 7.0.39Apache Tomcat 7.0.26Apache Tomcat 7.0.46Apache Tomcat 7.0.72Apache Tomcat 7.0.71Apache Tomcat 7.0.28Apache Tomcat 7.0.59Apache Tomcat 7.0.65Apache Tomcat 7.0.0Apache Tomcat 7.0.50Apache Tomcat 7.0.6Apache Tomcat 7.0.18Apache Tomcat 7.0.14Apache Tomcat 7.0.48Apache Tomcat 7.0.11Apache Tomcat 7.0.67Apache Tomcat 7.0.23Apache Tomcat 7.0.66Apache Tomcat 7.0.44Apache Tomcat 7.0.69Apache Tomcat 7.0.7Apache Tomcat 7.0.52Apache Tomcat 7.0.42Apache Tomcat 7.0.60Apache Tomcat 7.0.37Apache Tomcat 7.0.29Apache Tomcat 7.0.45Apache Tomcat 7.0.68Apache Tomcat 7.0.13Apache Tomcat 7.0.47Apache Tomcat 7.0.41Apache Tomcat 7.0.31Apache Tomcat 7.0.30Apache Tomcat 7.0.15Apache Tomcat 7.0.19Apache Tomcat 7.0.16Apache Tomcat 7.0.10Apache Tomcat 7.0.36Apache Tomcat 7.0.25Apache Tomcat 7.0.54Apache Tomcat 7.0.35Apache Tomcat 7.0.61Apache Tomcat 7.0.57Apache Tomcat 7.0.43Apache Tomcat 7.0.32Apache Tomcat 7.0.38Apache Tomcat 7.0.21Apache Tomcat 7.0.27Apache Tomcat 7.0.24Apache Tomcat 7.0.17Apache Tomcat 7.0.40Apache Tomcat 7.0.9Apache Tomcat 7.0.4Apache Tomcat 7.0.3Apache Tomcat 7.0.56Apache Tomcat 7.0.64Apache Tomcat 7.0.70Apache Tomcat 7.0.33Apache Tomcat 8.0.4Apache Tomcat 8.0.10Apache Tomcat 8.0.30Apache Tomcat 8.0.0Apache Tomcat 8.0.17Apache Tomcat 8.0.7Apache Tomcat 8.0.26Apache Tomcat 8.0.2Apache Tomcat 8.0.20Apache Tomcat 8.0.31Apache Tomcat 8.0.5Apache Tomcat 8.0.1Apache Tomcat 8.0.19Apache Tomcat 8.0.12Apache Tomcat 8.0.27Apache Tomcat 8.0.15Apache Tomcat 8.0.22Apache Tomcat 8.0.29Apache Tomcat 8.0.11Apache Tomcat 8.0.24Apache Tomcat 8.0.36Apache Tomcat 8.0.23Apache Tomcat 8.0.33Apache Tomcat 8.0.6Apache Tomcat 8.0.21Apache Tomcat 8.0.32Apache Tomcat 8.0.25Apache Tomcat 8.0.18Apache Tomcat 8.0.35Apache Tomcat 8.0.3Apache Tomcat 8.0.38Apache Tomcat 8.0.13Apache Tomcat 8.0.14Apache Tomcat 8.0.9Apache Tomcat 8.0.16Apache Tomcat 8.0.8Apache Tomcat 8.0.34Apache Tomcat 8.0.28Apache Tomcat 8.0.37Apache Tomcat 8.5.2Apache Tomcat 8.5.4Apache Tomcat 8.5.0Apache Tomcat 8.5.5Apache Tomcat 8.5.3Apache Tomcat 8.5.6Apache Tomcat 8.5.1Apache Tomcat 9.0.0
5
CVSSv2
CVE-2015-5345
The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that...
Debian Debian Linux 8.0Debian Debian Linux 7.0Apache Tomcat 7.0.2Apache Tomcat 6.0.33Apache Tomcat 6.0.0Apache Tomcat 6.0.39Apache Tomcat 7.0.12Apache Tomcat 7.0.62Apache Tomcat 8.0.17Apache Tomcat 7.0.53Apache Tomcat 6.0.4Apache Tomcat 7.0.20Apache Tomcat 6.0.11Apache Tomcat 7.0.34Apache Tomcat 8.0.26Apache Tomcat 7.0.55Apache Tomcat 7.0.4Apache Tomcat 7.0.63Apache Tomcat 8.0.20Apache Tomcat 7.0.22Apache Tomcat 7.0.39Apache Tomcat 7.0.26Apache Tomcat 9.0.0Apache Tomcat 7.0.28Apache Tomcat 8.0.1Apache Tomcat 8.0.0Apache Tomcat 7.0.59Apache Tomcat 7.0.65Apache Tomcat 6.0.44Apache Tomcat 7.0.50Apache Tomcat 7.0.6Apache Tomcat 6.0.20Apache Tomcat 8.0.12Apache Tomcat 7.0.14Apache Tomcat 6.0.10Apache Tomcat 8.0.27Apache Tomcat 8.0.15Apache Tomcat 6.0.29Apache Tomcat 7.0.11Apache Tomcat 7.0.23Apache Tomcat 7.0.0Apache Tomcat 6.0.1Apache Tomcat 6.0.24Apache Tomcat 8.0.22Apache Tomcat 8.0.29Apache Tomcat 6.0.37Apache Tomcat 7.0.52Apache Tomcat 7.0.42Apache Tomcat 6.0.32Apache Tomcat 6.0.28Apache Tomcat 7.0.37Apache Tomcat 7.0.29Apache Tomcat 8.0.11Apache Tomcat 8.0.24Apache Tomcat 8.0.23Apache Tomcat 7.0.47Apache Tomcat 7.0.5Apache Tomcat 8.0.21Apache Tomcat 6.0.14Apache Tomcat 7.0.41Apache Tomcat 7.0.30Apache Tomcat 7.0.19Apache Tomcat 7.0.16Apache Tomcat 6.0.41Apache Tomcat 7.0.10Apache Tomcat 8.0.18Apache Tomcat 7.0.25Apache Tomcat 7.0.54Apache Tomcat 7.0.35Apache Tomcat 7.0.61Apache Tomcat 8.0.3Apache Tomcat 6.0.18Apache Tomcat 7.0.57Apache Tomcat 6.0.2Apache Tomcat 8.0.14Apache Tomcat 7.0.32Apache Tomcat 6.0.43Apache Tomcat 7.0.21Apache Tomcat 7.0.27Apache Tomcat 7.0.40Apache Tomcat 6.0.30Apache Tomcat 6.0.13Apache Tomcat 7.0.56Apache Tomcat 6.0.26Apache Tomcat 8.0.28Apache Tomcat 7.0.64Apache Tomcat 6.0.35Apache Tomcat 6.0.16Apache Tomcat 6.0.36Apache Tomcat 7.0.33Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 15.10Canonical Ubuntu Linux 14.04
5
CVSSv2
CVE-2016-8745
A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple...
Apache Tomcat 8.0.4Apache Tomcat 8.0.10Apache Tomcat 7.0.49Apache Tomcat 8.0.30Apache Tomcat 7.0.12Apache Tomcat 7.0.62Apache Tomcat 8.0.17Apache Tomcat 7.0.53Apache Tomcat 7.0.20Apache Tomcat 8.0.7Apache Tomcat 7.0.34Apache Tomcat 8.0.26Apache Tomcat 7.0.58Apache Tomcat 8.5.2Apache Tomcat 7.0.8Apache Tomcat 7.0.55Apache Tomcat 8.5.4Apache Tomcat 7.0.1Apache Tomcat 7.0.2Apache Tomcat 7.0.5Apache Tomcat 8.0.2Apache Tomcat 7.0.63Apache Tomcat 9.0.0Apache Tomcat 8.0.20Apache Tomcat 7.0.22Apache Tomcat 8.0.31Apache Tomcat 8.5.0Apache Tomcat 7.0.39Apache Tomcat 7.0.26Apache Tomcat 7.0.46Apache Tomcat 7.0.72Apache Tomcat 8.0.5Apache Tomcat 7.0.71Apache Tomcat 7.0.28Apache Tomcat 8.0.1Apache Tomcat 8.0.0Apache Tomcat 7.0.59Apache Tomcat 7.0.65Apache Tomcat 8.0.19Apache Tomcat 7.0.0Apache Tomcat 7.0.50Apache Tomcat 7.0.6Apache Tomcat 8.0Apache Tomcat 8.0.39Apache Tomcat 7.0.18Apache Tomcat 8.0.12Apache Tomcat 7.0.14Apache Tomcat 8.0.27Apache Tomcat 8.0.15Apache Tomcat 7.0.48Apache Tomcat 7.0.11Apache Tomcat 7.0.67Apache Tomcat 7.0.23Apache Tomcat 7.0.66Apache Tomcat 8.0.22Apache Tomcat 7.0.44Apache Tomcat 7.0.69Apache Tomcat 8.0.29Apache Tomcat 7.0.7Apache Tomcat 7.0.52Apache Tomcat 7.0.42Apache Tomcat 7.0.60Apache Tomcat 7.0.37Apache Tomcat 7.0.29Apache Tomcat 7.0.45Apache Tomcat 8.0.11Apache Tomcat 8.0.24Apache Tomcat 8.0.36Apache Tomcat 7.0.68Apache Tomcat 8.5.5Apache Tomcat 8.0.23Apache Tomcat 8.5.3Apache Tomcat 8.0.33Apache Tomcat 7.0.13Apache Tomcat 7.0.47Apache Tomcat 8.5.6Apache Tomcat 8.0.6Apache Tomcat 8.0.21Apache Tomcat 8.0.32Apache Tomcat 7.0.41Apache Tomcat 7.0.31Apache Tomcat 7.0.30Apache Tomcat 7.0.15Apache Tomcat 7.0.19Apache Tomcat 7.0.16Apache Tomcat 8.0.25Apache Tomcat 7.0.36Apache Tomcat 8.0.18Apache Tomcat 7.0.25Apache Tomcat 7.0.54Apache Tomcat 8.0.35Apache Tomcat 7.0.35Apache Tomcat 7.0.61Apache Tomcat 8.0.3Apache Tomcat 8.0.38Apache Tomcat 7.0.57Apache Tomcat 7.0.43Apache Tomcat 8.0.13Apache Tomcat 8.0.14Apache Tomcat 8.0.9Apache Tomcat 7.0.32Apache Tomcat 7.0.38Apache Tomcat 7.0.21Apache Tomcat 7.0.27Apache Tomcat 8.5.7Apache Tomcat 8.5.8Apache Tomcat 7.0.24Apache Tomcat 7.0.17Apache Tomcat 7.0.40Apache Tomcat 8.0.16Apache Tomcat 7.0.9Apache Tomcat 7.0.4Apache Tomcat 8.0.8Apache Tomcat 7.0.3Apache Tomcat 7.0.56Apache Tomcat 8.0.34Apache Tomcat 8.0.28Apache Tomcat 7.0.64Apache Tomcat 8.0.37Apache Tomcat 7.0.70Apache Tomcat 8.5.1Apache Tomcat 7.0.33Apache Tomcat 7.0.73
5
CVSSv2
CVE-2017-5664
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error...
Apache Tomcat 7.0.2Apache Tomcat 7.0.49Apache Tomcat 7.0.12Apache Tomcat 7.0.62Apache Tomcat 7.0.20Apache Tomcat 7.0.34Apache Tomcat 7.0.58Apache Tomcat 7.0.8Apache Tomcat 7.0.55Apache Tomcat 7.0.1Apache Tomcat 7.0.5Apache Tomcat 7.0.51Apache Tomcat 7.0.4Apache Tomcat 7.0.63Apache Tomcat 7.0.22Apache Tomcat 7.0.39Apache Tomcat 7.0.26Apache Tomcat 7.0.46Apache Tomcat 7.0.72Apache Tomcat 7.0.76Apache Tomcat 7.0.71Apache Tomcat 7.0.28Apache Tomcat 7.0.59Apache Tomcat 7.0.65Apache Tomcat 7.0.0Apache Tomcat 7.0.50Apache Tomcat 7.0.6Apache Tomcat 7.0.18Apache Tomcat 7.0.14Apache Tomcat 7.0.48Apache Tomcat 7.0.11Apache Tomcat 7.0.67Apache Tomcat 7.0.74Apache Tomcat 7.0.23Apache Tomcat 7.0.66Apache Tomcat 7.0.44Apache Tomcat 7.0.69Apache Tomcat 7.0.7Apache Tomcat 7.0.42Apache Tomcat 7.0.60Apache Tomcat 7.0.37Apache Tomcat 7.0.29Apache Tomcat 7.0.45Apache Tomcat 7.0.68Apache Tomcat 7.0.13Apache Tomcat 7.0.47Apache Tomcat 7.0.41Apache Tomcat 7.0.31Apache Tomcat 7.0.30Apache Tomcat 7.0.15Apache Tomcat 7.0.19Apache Tomcat 7.0.75Apache Tomcat 7.0.16Apache Tomcat 7.0.10Apache Tomcat 7.0.36Apache Tomcat 7.0.25Apache Tomcat 7.0.54Apache Tomcat 7.0.35Apache Tomcat 7.0.61Apache Tomcat 7.0.57Apache Tomcat 7.0.43Apache Tomcat 7.0.32Apache Tomcat 7.0.38Apache Tomcat 7.0.21Apache Tomcat 7.0.27Apache Tomcat 7.0.24Apache Tomcat 7.0.17Apache Tomcat 7.0.40Apache Tomcat 7.0.9Apache Tomcat 7.0.3Apache Tomcat 7.0.77Apache Tomcat 7.0.56Apache Tomcat 7.0.64Apache Tomcat 7.0.70Apache Tomcat 7.0.33Apache Tomcat 7.0.73Apache Tomcat 8.0.4Apache Tomcat 8.0.10Apache Tomcat 8.0.30Apache Tomcat 8.0.17Apache Tomcat 8.0.7Apache Tomcat 8.0.26Apache Tomcat 8.0.40Apache Tomcat 8.0.2Apache Tomcat 8.0.20Apache Tomcat 8.0.31Apache Tomcat 8.0.5Apache Tomcat 8.0.1Apache Tomcat 8.0.0Apache Tomcat 8.0.19Apache Tomcat 8.0.39Apache Tomcat 8.0.12Apache Tomcat 8.0.27Apache Tomcat 8.0.15Apache Tomcat 8.0.22Apache Tomcat 8.0.29Apache Tomcat 8.0.42Apache Tomcat 8.0.11Apache Tomcat 8.0.24Apache Tomcat 8.0.36Apache Tomcat 8.0.23Apache Tomcat 8.0.33Apache Tomcat 8.0.6Apache Tomcat 8.0.21Apache Tomcat 8.0.32Apache Tomcat 8.0.41Apache Tomcat 8.0.25Apache Tomcat 8.0.18Apache Tomcat 8.0.35Apache Tomcat 8.0.3Apache Tomcat 8.0.38Apache Tomcat 8.0.13Apache Tomcat 8.0.14Apache Tomcat 8.0.9Apache Tomcat 8.0.43Apache Tomcat 8.0.16Apache Tomcat 8.0.34Apache Tomcat 8.0.28Apache Tomcat 8.0.37Apache Tomcat 8.5.2Apache Tomcat 8.5.9Apache Tomcat 8.5.4Apache Tomcat 8.5.0Apache Tomcat 8.5.10Apache Tomcat 8.5.13Apache Tomcat 8.5.14Apache Tomcat 8.5.5Apache Tomcat 8.5.3Apache Tomcat 8.5.6Apache Tomcat 8.5.7Apache Tomcat 8.5.8Apache Tomcat 8.5.12Apache Tomcat 8.5.11Apache Tomcat 8.5.1Apache Tomcat 9.0.0
7.5
CVSSv2
CVE-2016-8735
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't...
Apache Tomcat 6.0.33Apache Tomcat 6.0.39Apache Tomcat 6.0.6Apache Tomcat 6.0.11Apache Tomcat 6.0.34Apache Tomcat 6.0.47Apache Tomcat 6.0.22Apache Tomcat 6.0.25Apache Tomcat 6.0.7Apache Tomcat 6.0.4Apache Tomcat 6.0.15Apache Tomcat 6.0.42Apache Tomcat 6.0.44Apache Tomcat 6.0.20Apache Tomcat 6.0.21Apache Tomcat 6.0.10Apache Tomcat 6.0.31Apache Tomcat 6.0.29Apache Tomcat 6.0.3Apache Tomcat 6.0.9Apache Tomcat 6.0.24Apache Tomcat 6.0.38Apache Tomcat 6.0.23Apache Tomcat 6.0.37Apache Tomcat 6.0.17Apache Tomcat 6.0.32Apache Tomcat 6.0.28Apache Tomcat 6.0.0Apache Tomcat 6.0.14Apache Tomcat 6.0.45Apache Tomcat 6.0.41Apache Tomcat 6.0.1Apache Tomcat 6.0.12Apache Tomcat 6.0.18Apache Tomcat 6.0.46Apache Tomcat 6.0.43Apache Tomcat 6.0.5Apache Tomcat 6.0.30Apache Tomcat 6.0.2Apache Tomcat 6.0.13Apache Tomcat 6.0.40Apache Tomcat 6.0.26Apache Tomcat 6.0.19Apache Tomcat 6.0.27Apache Tomcat 6.0.35Apache Tomcat 6.0.16Apache Tomcat 6.0.36Apache Tomcat 6.0.8Apache Tomcat 7.0.49Apache Tomcat 7.0.12Apache Tomcat 7.0.62Apache Tomcat 7.0.53Apache Tomcat 7.0.20Apache Tomcat 7.0.34Apache Tomcat 7.0.58Apache Tomcat 7.0.8Apache Tomcat 7.0.55Apache Tomcat 7.0.1Apache Tomcat 7.0.2Apache Tomcat 7.0.5Apache Tomcat 7.0.51Apache Tomcat 7.0.63Apache Tomcat 7.0.22Apache Tomcat 7.0.39Apache Tomcat 7.0.26Apache Tomcat 7.0.46Apache Tomcat 7.0.72Apache Tomcat 7.0.71Apache Tomcat 7.0.28Apache Tomcat 7.0.59Apache Tomcat 7.0.65Apache Tomcat 7.0.0Apache Tomcat 7.0.50Apache Tomcat 7.0.6Apache Tomcat 7.0.18Apache Tomcat 7.0.14Apache Tomcat 7.0.48Apache Tomcat 7.0.11Apache Tomcat 7.0.67Apache Tomcat 7.0.23Apache Tomcat 7.0.66Apache Tomcat 7.0.44Apache Tomcat 7.0.69Apache Tomcat 7.0.7Apache Tomcat 7.0.52Apache Tomcat 7.0.42Apache Tomcat 7.0.60Apache Tomcat 7.0.37Apache Tomcat 7.0.29Apache Tomcat 7.0.45Apache Tomcat 7.0.68Apache Tomcat 7.0.13Apache Tomcat 7.0.47Apache Tomcat 7.0.41Apache Tomcat 7.0.31Apache Tomcat 7.0.30Apache Tomcat 7.0.15Apache Tomcat 7.0.19Apache Tomcat 7.0.16Apache Tomcat 7.0.10Apache Tomcat 7.0.36Apache Tomcat 7.0.25Apache Tomcat 7.0.54Apache Tomcat 7.0.35Apache Tomcat 7.0.61Apache Tomcat 7.0.57Apache Tomcat 7.0.43Apache Tomcat 7.0.32Apache Tomcat 7.0.38Apache Tomcat 7.0.21Apache Tomcat 7.0.27Apache Tomcat 7.0.24Apache Tomcat 7.0.17Apache Tomcat 7.0.40Apache Tomcat 7.0.9Apache Tomcat 7.0.4Apache Tomcat 7.0.3Apache Tomcat 7.0.56Apache Tomcat 7.0.64Apache Tomcat 7.0.70Apache Tomcat 7.0.33Apache Tomcat 8.0.4Apache Tomcat 8.0.10Apache Tomcat 8.0.30Apache Tomcat 8.0.0Apache Tomcat 8.0.17Apache Tomcat 8.0.7Apache Tomcat 8.0.26Apache Tomcat 8.0.2Apache Tomcat 8.0.20Apache Tomcat 8.0.31Apache Tomcat 8.0.5Apache Tomcat 8.0.1Apache Tomcat 8.0.19Apache Tomcat 8.0.12Apache Tomcat 8.0.27Apache Tomcat 8.0.15Apache Tomcat 8.0.22Apache Tomcat 8.0.29Apache Tomcat 8.0.11Apache Tomcat 8.0.24Apache Tomcat 8.0.36Apache Tomcat 8.0.23Apache Tomcat 8.0.33Apache Tomcat 8.0.6Apache Tomcat 8.0.21Apache Tomcat 8.0.32Apache Tomcat 8.0.25Apache Tomcat 8.0.18Apache Tomcat 8.0.35Apache Tomcat 8.0.3Apache Tomcat 8.0.38Apache Tomcat 8.0.13Apache Tomcat 8.0.14Apache Tomcat 8.0.9Apache Tomcat 8.0.16Apache Tomcat 8.0.8Apache Tomcat 8.0.34Apache Tomcat 8.0.28Apache Tomcat 8.0.37Apache Tomcat 8.5.2Apache Tomcat 8.5.4Apache Tomcat 8.5.0Apache Tomcat 8.5.5Apache Tomcat 8.5.3Apache Tomcat 8.5.6Apache Tomcat 8.5.1Apache Tomcat 9.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-23397CVE-2023-43472CVE-2023-49103CVE-2023-33022CVE-2023-42563path traversalIDORrace conditionCVE-2023-48316
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook