Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

apache tomcat 8.5.10 vulnerabilities and exploits

(subscribe to this query)

4.3
CVSSv3
CVE-2020-13943
If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that...
Apache Tomcat 8.5.2Apache Tomcat 8.5.9Apache Tomcat 8.5.4Apache Tomcat 8.5.0Apache Tomcat 8.5.15Apache Tomcat 8.5.10Apache Tomcat 8.5.13Apache Tomcat 8.5.14Apache Tomcat 8.5.5Apache Tomcat 8.5.3Apache Tomcat 8.5.6Apache Tomcat 8.5.7Apache Tomcat 8.5.8Apache Tomcat 8.5.12Apache Tomcat 8.5.11Apache Tomcat 8.5.1Apache Tomcat 8.5.16Apache Tomcat 8.5.17Apache Tomcat 8.5.18Apache Tomcat 8.5.19Apache Tomcat 8.5.20Apache Tomcat 8.5.21Apache Tomcat 8.5.22Apache Tomcat 9.0.1Apache Tomcat 9.0.2Apache Tomcat 9.0.3Apache Tomcat 9.0.4Apache Tomcat 9.0.0Apache Tomcat 10.0.0Apache Tomcat 9.0.5Apache Tomcat 9.0.6Apache Tomcat 9.0.7Apache Tomcat 9.0.8Apache Tomcat 9.0.9Apache Tomcat 9.0.10Apache Tomcat 9.0.11Apache Tomcat 9.0.12Apache Tomcat 9.0.13Apache Tomcat 9.0.14Apache Tomcat 9.0.15Apache Tomcat 9.0.16Apache Tomcat 9.0.17Apache Tomcat 9.0.18Apache Tomcat 9.0.19Apache Tomcat 9.0.20Apache Tomcat 9.0.21Apache Tomcat 9.0.22Apache Tomcat 9.0.23Apache Tomcat 9.0.24Apache Tomcat 9.0.25Apache Tomcat 9.0.26Apache Tomcat 9.0.27Apache Tomcat 9.0.28Apache Tomcat 9.0.29Apache Tomcat 9.0.30Apache Tomcat 9.0.31Apache Tomcat 9.0.32Apache Tomcat 9.0.33Apache Tomcat 9.0.34Apache Tomcat 9.0.35Apache Tomcat 9.0.36Apache Tomcat 9.0.37Apache Tomcat 8.5.23Apache Tomcat 8.5.24Apache Tomcat 8.5.25Apache Tomcat 8.5.26Apache Tomcat 8.5.27Apache Tomcat 8.5.28Apache Tomcat 8.5.29Apache Tomcat 8.5.30Apache Tomcat 8.5.31Apache Tomcat 8.5.32Apache Tomcat 8.5.33Apache Tomcat 8.5.34Apache Tomcat 8.5.35Apache Tomcat 8.5.36Apache Tomcat 8.5.37Apache Tomcat 8.5.38Apache Tomcat 8.5.39Apache Tomcat 8.5.40Apache Tomcat 8.5.41Apache Tomcat 8.5.42Apache Tomcat 8.5.43Apache Tomcat 8.5.44Apache Tomcat 8.5.45Apache Tomcat 8.5.46Apache Tomcat 8.5.47Apache Tomcat 8.5.48Apache Tomcat 8.5.49Apache Tomcat 8.5.50Apache Tomcat 8.5.51Apache Tomcat 8.5.52Apache Tomcat 8.5.53Apache Tomcat 8.5.54Apache Tomcat 8.5.55Apache Tomcat 8.5.56Apache Tomcat 8.5.57Debian Debian Linux 9.0Debian Debian Linux 10.0Oracle Instantis Enterprisetrack 17.1Oracle Instantis Enterprisetrack 17.2Oracle Instantis Enterprisetrack 17.3Oracle Sd-wan Edge 9.0
8.1
CVSSv3
CVE-2017-12617
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via...
Apache Tomcat 9.0.0Apache Tomcat 8.5.1Apache Tomcat 8.5.2Apache Tomcat 8.5.9Apache Tomcat 8.5.10Apache Tomcat 8.5.17Apache Tomcat 8.5.18Apache Tomcat 8.0.0Apache Tomcat 8.0.1Apache Tomcat 8.0.11Apache Tomcat 8.0.12Apache Tomcat 8.0.19Apache Tomcat 8.0.20Apache Tomcat 8.0.28Apache Tomcat 8.0.29Apache Tomcat 8.0.36Apache Tomcat 8.0.37Apache Tomcat 8.0.44Apache Tomcat 8.0.45Apache Tomcat 7.0.4Apache Tomcat 7.0.5Apache Tomcat 7.0.11Apache Tomcat 7.0.12Apache Tomcat 7.0.19Apache Tomcat 7.0.20Apache Tomcat 7.0.21Apache Tomcat 7.0.28Apache Tomcat 7.0.29Apache Tomcat 7.0.36Apache Tomcat 7.0.37Apache Tomcat 7.0.45Apache Tomcat 7.0.46Apache Tomcat 7.0.55Apache Tomcat 7.0.56Apache Tomcat 7.0.63Apache Tomcat 7.0.64Apache Tomcat 7.0.72Apache Tomcat 7.0.73Apache Tomcat 7.0.81Apache Tomcat 8.5.5Apache Tomcat 8.5.6Apache Tomcat 8.5.13Apache Tomcat 8.5.14Apache Tomcat 8.5.21Apache Tomcat 8.5.22Apache Tomcat 8.0.6Apache Tomcat 8.0.7Apache Tomcat 8.0.15Apache Tomcat 8.0.16Apache Tomcat 8.0.23Apache Tomcat 8.0.24Apache Tomcat 8.0.25Apache Tomcat 8.0.32Apache Tomcat 8.0.33Apache Tomcat 8.0.40Apache Tomcat 8.0.41Apache Tomcat 7.0.2Apache Tomcat 7.0.7Apache Tomcat 7.0.8Apache Tomcat 7.0.15Apache Tomcat 7.0.16Apache Tomcat 7.0.24Apache Tomcat 7.0.25Apache Tomcat 7.0.32Apache Tomcat 7.0.33Apache Tomcat 7.0.40Apache Tomcat 7.0.41Apache Tomcat 7.0.49Apache Tomcat 7.0.50Apache Tomcat 7.0.59Apache Tomcat 7.0.60Apache Tomcat 7.0.67Apache Tomcat 7.0.68Apache Tomcat 7.0.76Apache Tomcat 7.0.77Apache Tomcat 8.5.0Apache Tomcat 8.5.7Apache Tomcat 8.5.8Apache Tomcat 8.5.15Apache Tomcat 8.5.16Apache Tomcat 8.0.9Apache Tomcat 8.0.10Apache Tomcat 8.0.17Apache Tomcat 8.0.18Apache Tomcat 8.0.26Apache Tomcat 8.0.27Apache Tomcat 8.0.34Apache Tomcat 8.0.35Apache Tomcat 8.0.42Apache Tomcat 8.0.43Apache Tomcat 7.0.3Apache Tomcat 7.0.9Apache Tomcat 7.0.10Apache Tomcat 7.0.17Apache Tomcat 7.0.18Apache Tomcat 7.0.26Apache Tomcat 7.0.27Apache Tomcat 7.0.34Apache Tomcat 7.0.35Apache Tomcat 7.0.42Apache Tomcat 7.0.43Apache Tomcat 7.0.44Apache Tomcat 7.0.51Apache Tomcat 7.0.54Apache Tomcat 7.0.61Apache Tomcat 7.0.62Apache Tomcat 7.0.69Apache Tomcat 7.0.70Apache Tomcat 7.0.71Apache Tomcat 7.0.79Apache Tomcat 7.0.80Apache Tomcat 8.5.3Apache Tomcat 8.5.4Apache Tomcat 8.5.11Apache Tomcat 8.5.12Apache Tomcat 8.5.19Apache Tomcat 8.5.20Apache Tomcat 8.0.2Apache Tomcat 8.0.4Apache Tomcat 8.0.13Apache Tomcat 8.0.14Apache Tomcat 8.0.21Apache Tomcat 8.0.22Apache Tomcat 8.0.30Apache Tomcat 8.0.31Apache Tomcat 8.0.38Apache Tomcat 8.0.39Apache Tomcat 8.0.46Apache Tomcat 7.0.0Apache Tomcat 7.0.1Apache Tomcat 7.0.6Apache Tomcat 7.0.13Apache Tomcat 7.0.14Apache Tomcat 7.0.22Apache Tomcat 7.0.23Apache Tomcat 7.0.30Apache Tomcat 7.0.31Apache Tomcat 7.0.38Apache Tomcat 7.0.39Apache Tomcat 7.0.47Apache Tomcat 7.0.48Apache Tomcat 7.0.57Apache Tomcat 7.0.58Apache Tomcat 7.0.65Apache Tomcat 7.0.66Apache Tomcat 7.0.74Apache Tomcat 7.0.75
7.5
CVSSv3
CVE-2017-7675
The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M21 and 8.5.0 to 8.5.15 bypassed a number of security checks that prevented directory traversal attacks. It was therefore possible to bypass security constraints using a specially crafted URL....
Apache Tomcat 8.5.6Apache Tomcat 8.5.7Apache Tomcat 8.5.15Apache Tomcat 9.0.0Apache Tomcat 8.5.2Apache Tomcat 8.5.3Apache Tomcat 8.5.11Apache Tomcat 8.5.12Apache Tomcat 8.5.0Apache Tomcat 8.5.1Apache Tomcat 8.5.8Apache Tomcat 8.5.9Apache Tomcat 8.5.10Apache Tomcat 8.5.4Apache Tomcat 8.5.5Apache Tomcat 8.5.13Apache Tomcat 8.5.14
4.3
CVSSv3
CVE-2017-7674
The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache poisoning in some circumstances....
Apache Tomcat 9.0.0Apache Tomcat 8.5.6Apache Tomcat 8.5.7Apache Tomcat 8.5.15Apache Tomcat 8.0.37Apache Tomcat 8.0.44Apache Tomcat 7.0.78Apache Tomcat 7.0.77Apache Tomcat 7.0.41Apache Tomcat 7.0.42Apache Tomcat 7.0.49Apache Tomcat 7.0.50Apache Tomcat 7.0.58Apache Tomcat 7.0.59Apache Tomcat 7.0.67Apache Tomcat 7.0.68Apache Tomcat 8.0Apache Tomcat 8.0.1Apache Tomcat 8.0.8Apache Tomcat 8.0.9Apache Tomcat 8.0.17Apache Tomcat 8.0.18Apache Tomcat 8.0.25Apache Tomcat 8.0.26Apache Tomcat 8.0.33Apache Tomcat 8.0.34Apache Tomcat 8.5.11Apache Tomcat 8.5.12Apache Tomcat 8.0.40Apache Tomcat 8.0.41Apache Tomcat 7.0.73Apache Tomcat 7.0.74Apache Tomcat 7.0.45Apache Tomcat 7.0.46Apache Tomcat 7.0.54Apache Tomcat 7.0.55Apache Tomcat 7.0.62Apache Tomcat 7.0.63Apache Tomcat 8.0.0Apache Tomcat 8.0.4Apache Tomcat 8.0.5Apache Tomcat 8.0.12Apache Tomcat 8.0.13Apache Tomcat 8.0.14Apache Tomcat 8.0.21Apache Tomcat 8.0.22Apache Tomcat 8.0.29Apache Tomcat 8.0.30Apache Tomcat 8.5.0Apache Tomcat 8.5.1Apache Tomcat 8.5.2Apache Tomcat 8.5.8Apache Tomcat 8.5.9Apache Tomcat 8.5.10Apache Tomcat 8.0.38Apache Tomcat 8.0.39Apache Tomcat 7.0.71Apache Tomcat 7.0.72Apache Tomcat 7.0.43Apache Tomcat 7.0.44Apache Tomcat 7.0.52Apache Tomcat 7.0.53Apache Tomcat 7.0.60Apache Tomcat 7.0.61Apache Tomcat 7.0.69Apache Tomcat 7.0.70Apache Tomcat 8.0.2Apache Tomcat 8.0.3Apache Tomcat 8.0.10Apache Tomcat 8.0.11Apache Tomcat 8.0.19Apache Tomcat 8.0.20Apache Tomcat 8.0.27Apache Tomcat 8.0.28Apache Tomcat 8.0.35Apache Tomcat 8.0.36Apache Tomcat 8.5.5Apache Tomcat 8.5.13Apache Tomcat 8.5.14Apache Tomcat 8.0.42Apache Tomcat 8.0.43Apache Tomcat 7.0.75Apache Tomcat 7.0.76Apache Tomcat 7.0.47Apache Tomcat 7.0.48Apache Tomcat 7.0.56Apache Tomcat 7.0.57Apache Tomcat 7.0.64Apache Tomcat 7.0.65Apache Tomcat 7.0.66Apache Tomcat 8.0.6Apache Tomcat 8.0.7Apache Tomcat 8.0.15Apache Tomcat 8.0.16Apache Tomcat 8.0.23Apache Tomcat 8.0.24Apache Tomcat 8.0.31Apache Tomcat 8.0.32Apache Tomcat 8.5.3Apache Tomcat 8.5.4
7.5
CVSSv3
CVE-2017-5664
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error...
Apache Tomcat 7.0.4Apache Tomcat 7.0.10Apache Tomcat 7.0.11Apache Tomcat 7.0.18Apache Tomcat 7.0.19Apache Tomcat 7.0.20Apache Tomcat 7.0.27Apache Tomcat 7.0.28Apache Tomcat 7.0.35Apache Tomcat 7.0.36Apache Tomcat 7.0.44Apache Tomcat 7.0.45Apache Tomcat 7.0.54Apache Tomcat 7.0.55Apache Tomcat 7.0.62Apache Tomcat 7.0.63Apache Tomcat 7.0.71Apache Tomcat 7.0.72Apache Tomcat 7.0.1Apache Tomcat 7.0.2Apache Tomcat 7.0.6Apache Tomcat 7.0.7Apache Tomcat 7.0.14Apache Tomcat 7.0.15Apache Tomcat 7.0.23Apache Tomcat 7.0.24Apache Tomcat 7.0.31Apache Tomcat 7.0.32Apache Tomcat 7.0.39Apache Tomcat 7.0.40Apache Tomcat 7.0.48Apache Tomcat 7.0.49Apache Tomcat 7.0.58Apache Tomcat 7.0.59Apache Tomcat 7.0.66Apache Tomcat 7.0.67Apache Tomcat 7.0.75Apache Tomcat 7.0.76Apache Tomcat 7.0.3Apache Tomcat 7.0.8Apache Tomcat 7.0.9Apache Tomcat 7.0.16Apache Tomcat 7.0.17Apache Tomcat 7.0.25Apache Tomcat 7.0.26Apache Tomcat 7.0.33Apache Tomcat 7.0.34Apache Tomcat 7.0.41Apache Tomcat 7.0.42Apache Tomcat 7.0.43Apache Tomcat 7.0.50Apache Tomcat 7.0.51Apache Tomcat 7.0.60Apache Tomcat 7.0.61Apache Tomcat 7.0.68Apache Tomcat 7.0.69Apache Tomcat 7.0.70Apache Tomcat 7.0.77Apache Tomcat 7.0.0Apache Tomcat 7.0.5Apache Tomcat 7.0.12Apache Tomcat 7.0.13Apache Tomcat 7.0.21Apache Tomcat 7.0.22Apache Tomcat 7.0.29Apache Tomcat 7.0.30Apache Tomcat 7.0.37Apache Tomcat 7.0.38Apache Tomcat 7.0.46Apache Tomcat 7.0.47Apache Tomcat 7.0.56Apache Tomcat 7.0.57Apache Tomcat 7.0.64Apache Tomcat 7.0.65Apache Tomcat 7.0.73Apache Tomcat 7.0.74Apache Tomcat 8.0.3Apache Tomcat 8.0.4Apache Tomcat 8.0.13Apache Tomcat 8.0.14Apache Tomcat 8.0.21Apache Tomcat 8.0.22Apache Tomcat 8.0.29Apache Tomcat 8.0.30Apache Tomcat 8.0.38Apache Tomcat 8.0.39Apache Tomcat 8.0.0Apache Tomcat 8.0.7Apache Tomcat 8.0.9Apache Tomcat 8.0.17Apache Tomcat 8.0.18Apache Tomcat 8.0.25Apache Tomcat 8.0.26Apache Tomcat 8.0.33Apache Tomcat 8.0.34Apache Tomcat 8.0.42Apache Tomcat 8.0.43Apache Tomcat 8.0.1Apache Tomcat 8.0.2Apache Tomcat 8.0.10Apache Tomcat 8.0.11Apache Tomcat 8.0.12Apache Tomcat 8.0.19Apache Tomcat 8.0.20Apache Tomcat 8.0.27Apache Tomcat 8.0.28Apache Tomcat 8.0.35Apache Tomcat 8.0.36Apache Tomcat 8.0.37Apache Tomcat 8.0.5Apache Tomcat 8.0.6Apache Tomcat 8.0.15Apache Tomcat 8.0.16Apache Tomcat 8.0.23Apache Tomcat 8.0.24Apache Tomcat 8.0.31Apache Tomcat 8.0.32Apache Tomcat 8.0.40Apache Tomcat 8.0.41Apache Tomcat 8.5.1Apache Tomcat 8.5.2Apache Tomcat 8.5.9Apache Tomcat 8.5.10Apache Tomcat 8.5.5Apache Tomcat 8.5.6Apache Tomcat 8.5.13Apache Tomcat 8.5.14Apache Tomcat 8.5.0Apache Tomcat 8.5.7Apache Tomcat 8.5.8Apache Tomcat 8.5.3Apache Tomcat 8.5.4Apache Tomcat 8.5.11Apache Tomcat 8.5.12Apache Tomcat 9.0.0
7.5
CVSSv3
CVE-2017-5650
In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the handling of an HTTP/2 GOAWAY frame for a connection did not close streams associated with that connection that were currently waiting for a WINDOW_UPDATE before allowing the application to write more data. These...
Apache Tomcat 8.5.1Apache Tomcat 8.5.2Apache Tomcat 8.5.10Apache Tomcat 8.5.11Apache Tomcat 8.5.5Apache Tomcat 8.5.6Apache Tomcat 8.5.7Apache Tomcat 8.5.8Apache Tomcat 8.5.9Apache Tomcat 8.5.3Apache Tomcat 8.5.4Apache Tomcat 8.5.12Apache Tomcat 8.5.0Apache Tomcat 9.0.0
9.1
CVSSv3
CVE-2017-5648
While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the appropriate facade object. When running an untrusted application under a...
Apache Tomcat 7.0.75Apache Tomcat 7.0.0Apache Tomcat 7.0.1Apache Tomcat 7.0.8Apache Tomcat 7.0.9Apache Tomcat 7.0.16Apache Tomcat 7.0.17Apache Tomcat 7.0.25Apache Tomcat 7.0.26Apache Tomcat 7.0.33Apache Tomcat 7.0.34Apache Tomcat 7.0.41Apache Tomcat 7.0.42Apache Tomcat 7.0.50Apache Tomcat 7.0.51Apache Tomcat 7.0.58Apache Tomcat 7.0.59Apache Tomcat 7.0.66Apache Tomcat 7.0.67Apache Tomcat 7.0.4Apache Tomcat 7.0.5Apache Tomcat 7.0.12Apache Tomcat 7.0.13Apache Tomcat 7.0.20Apache Tomcat 7.0.21Apache Tomcat 7.0.29Apache Tomcat 7.0.30Apache Tomcat 7.0.37Apache Tomcat 7.0.38Apache Tomcat 7.0.45Apache Tomcat 7.0.46Apache Tomcat 7.0.47Apache Tomcat 7.0.54Apache Tomcat 7.0.55Apache Tomcat 7.0.62Apache Tomcat 7.0.63Apache Tomcat 7.0.70Apache Tomcat 7.0.71Apache Tomcat 7.0.72Apache Tomcat 7.0.2Apache Tomcat 7.0.3Apache Tomcat 7.0.10Apache Tomcat 7.0.11Apache Tomcat 7.0.18Apache Tomcat 7.0.19Apache Tomcat 7.0.27Apache Tomcat 7.0.28Apache Tomcat 7.0.35Apache Tomcat 7.0.36Apache Tomcat 7.0.43Apache Tomcat 7.0.44Apache Tomcat 7.0.52Apache Tomcat 7.0.53Apache Tomcat 7.0.60Apache Tomcat 7.0.61Apache Tomcat 7.0.68Apache Tomcat 7.0.69Apache Tomcat 7.0.73Apache Tomcat 7.0.74Apache Tomcat 7.0.6Apache Tomcat 7.0.7Apache Tomcat 7.0.14Apache Tomcat 7.0.15Apache Tomcat 7.0.22Apache Tomcat 7.0.23Apache Tomcat 7.0.24Apache Tomcat 7.0.31Apache Tomcat 7.0.32Apache Tomcat 7.0.39Apache Tomcat 7.0.40Apache Tomcat 7.0.48Apache Tomcat 7.0.49Apache Tomcat 7.0.56Apache Tomcat 7.0.57Apache Tomcat 7.0.64Apache Tomcat 7.0.65Apache Tomcat 8.0.41Apache Tomcat 8.0.0Apache Tomcat 8.0.7Apache Tomcat 8.0.8Apache Tomcat 8.0.15Apache Tomcat 8.0.16Apache Tomcat 8.0.23Apache Tomcat 8.0.24Apache Tomcat 8.0.32Apache Tomcat 8.0.33Apache Tomcat 8.0.39Apache Tomcat 8.0.40Apache Tomcat 8.0.5Apache Tomcat 8.0.6Apache Tomcat 8.0.13Apache Tomcat 8.0.14Apache Tomcat 8.0.21Apache Tomcat 8.0.22Apache Tomcat 8.0.30Apache Tomcat 8.0.31Apache Tomcat 8.0.1Apache Tomcat 8.0.9Apache Tomcat 8.0.10Apache Tomcat 8.0.17Apache Tomcat 8.0.18Apache Tomcat 8.0.25Apache Tomcat 8.0.26Apache Tomcat 8.0.34Apache Tomcat 8.0.35Apache Tomcat 8.0.2Apache Tomcat 8.0.3Apache Tomcat 8.0.4Apache Tomcat 8.0.11Apache Tomcat 8.0.12Apache Tomcat 8.0.19Apache Tomcat 8.0.20Apache Tomcat 8.0.27Apache Tomcat 8.0.28Apache Tomcat 8.0.29Apache Tomcat 8.0.36Apache Tomcat 8.0.37Apache Tomcat 8.0.38Apache Tomcat 8.5.7Apache Tomcat 8.5.8Apache Tomcat 8.5.3Apache Tomcat 8.5.4Apache Tomcat 8.5.11Apache Tomcat 8.5.0Apache Tomcat 8.5.9Apache Tomcat 8.5.10Apache Tomcat 8.5.5Apache Tomcat 8.5.6Apache Tomcat 8.5.1Apache Tomcat 8.5.2Apache Tomcat 9.0.0
7.5
CVSSv3
CVE-2017-5647
A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in the pipelined request being lost when send file processing of the previous...
Apache Tomcat 6.0.1Apache Tomcat 6.0.2Apache Tomcat 6.0.9Apache Tomcat 6.0.10Apache Tomcat 6.0.11Apache Tomcat 6.0.18Apache Tomcat 6.0.19Apache Tomcat 6.0.26Apache Tomcat 6.0.27Apache Tomcat 6.0.35Apache Tomcat 6.0.36Apache Tomcat 6.0.43Apache Tomcat 6.0.44Apache Tomcat 6.0.52Apache Tomcat 6.0.0Apache Tomcat 6.0.7Apache Tomcat 6.0.8Apache Tomcat 6.0.16Apache Tomcat 6.0.17Apache Tomcat 6.0.24Apache Tomcat 6.0.25Apache Tomcat 6.0.32Apache Tomcat 6.0.33Apache Tomcat 6.0.34Apache Tomcat 6.0.41Apache Tomcat 6.0.42Apache Tomcat 6.0.50Apache Tomcat 6.0.51Apache Tomcat 6.0.5Apache Tomcat 6.0.6Apache Tomcat 6.0.14Apache Tomcat 6.0.15Apache Tomcat 6.0.22Apache Tomcat 6.0.23Apache Tomcat 6.0.48Apache Tomcat 6.0.49Apache Tomcat 6.0.3Apache Tomcat 6.0.4Apache Tomcat 6.0.12Apache Tomcat 6.0.13Apache Tomcat 6.0.20Apache Tomcat 6.0.21Apache Tomcat 6.0.28Apache Tomcat 6.0.29Apache Tomcat 6.0.37Apache Tomcat 6.0.38Apache Tomcat 6.0.45Apache Tomcat 6.0.46Apache Tomcat 6.0.30Apache Tomcat 6.0.31Apache Tomcat 6.0.39Apache Tomcat 6.0.40Apache Tomcat 6.0.47Apache Tomcat 7.0.73Apache Tomcat 7.0.74Apache Tomcat 7.0.4Apache Tomcat 7.0.5Apache Tomcat 7.0.12Apache Tomcat 7.0.13Apache Tomcat 7.0.21Apache Tomcat 7.0.22Apache Tomcat 7.0.29Apache Tomcat 7.0.30Apache Tomcat 7.0.37Apache Tomcat 7.0.38Apache Tomcat 7.0.39Apache Tomcat 7.0.46Apache Tomcat 7.0.47Apache Tomcat 7.0.54Apache Tomcat 7.0.55Apache Tomcat 7.0.63Apache Tomcat 7.0.64Apache Tomcat 7.0.71Apache Tomcat 7.0.72Apache Tomcat 7.0.75Apache Tomcat 7.0.76Apache Tomcat 7.0.6Apache Tomcat 7.0.7Apache Tomcat 7.0.14Apache Tomcat 7.0.15Apache Tomcat 7.0.16Apache Tomcat 7.0.23Apache Tomcat 7.0.24Apache Tomcat 7.0.31Apache Tomcat 7.0.32Apache Tomcat 7.0.40Apache Tomcat 7.0.41Apache Tomcat 7.0.48Apache Tomcat 7.0.49Apache Tomcat 7.0.56Apache Tomcat 7.0.57Apache Tomcat 7.0.65Apache Tomcat 7.0.66Apache Tomcat 7.0.0Apache Tomcat 7.0.1Apache Tomcat 7.0.8Apache Tomcat 7.0.9Apache Tomcat 7.0.17Apache Tomcat 7.0.18Apache Tomcat 7.0.25Apache Tomcat 7.0.26Apache Tomcat 7.0.33Apache Tomcat 7.0.34Apache Tomcat 7.0.42Apache Tomcat 7.0.43Apache Tomcat 7.0.50Apache Tomcat 7.0.51Apache Tomcat 7.0.58Apache Tomcat 7.0.59Apache Tomcat 7.0.67Apache Tomcat 7.0.68Apache Tomcat 7.0.2Apache Tomcat 7.0.3Apache Tomcat 7.0.10Apache Tomcat 7.0.11Apache Tomcat 7.0.19Apache Tomcat 7.0.20Apache Tomcat 7.0.27Apache Tomcat 7.0.28Apache Tomcat 7.0.35Apache Tomcat 7.0.36Apache Tomcat 7.0.44Apache Tomcat 7.0.45Apache Tomcat 7.0.52Apache Tomcat 7.0.53Apache Tomcat 7.0.60Apache Tomcat 7.0.61Apache Tomcat 7.0.62Apache Tomcat 7.0.69Apache Tomcat 7.0.70Apache Tomcat 8.0.40Apache Tomcat 8.0.41Apache Tomcat 8.0.4Apache Tomcat 8.0.5Apache Tomcat 8.0.12Apache Tomcat 8.0.13Apache Tomcat 8.0.21Apache Tomcat 8.0.22Apache Tomcat 8.0.29Apache Tomcat 8.0.30Apache Tomcat 8.0.37Apache Tomcat 8.0.38Apache Tomcat 8.0.39Apache Tomcat 8.0.2Apache Tomcat 8.0.3Apache Tomcat 8.0.10Apache Tomcat 8.0.11Apache Tomcat 8.0.19Apache Tomcat 8.0.20Apache Tomcat 8.0.27Apache Tomcat 8.0.28Apache Tomcat 8.0.35Apache Tomcat 8.0.36Apache Tomcat 8.0.0Apache Tomcat 8.0.1Apache Tomcat 8.0.8Apache Tomcat 8.0.9Apache Tomcat 8.0.16Apache Tomcat 8.0.17Apache Tomcat 8.0.18Apache Tomcat 8.0.25Apache Tomcat 8.0.26Apache Tomcat 8.0.33Apache Tomcat 8.0.34Apache Tomcat 8.0.42Apache Tomcat 8.0.6Apache Tomcat 8.0.7Apache Tomcat 8.0.14Apache Tomcat 8.0.15Apache Tomcat 8.0.23Apache Tomcat 8.0.24Apache Tomcat 8.0.31Apache Tomcat 8.0.32Apache Tomcat 8.5.0Apache Tomcat 8.5.1Apache Tomcat 8.5.11Apache Tomcat 8.5.12Apache Tomcat 8.5.6Apache Tomcat 8.5.9Apache Tomcat 8.5.10Apache Tomcat 8.5.4Apache Tomcat 8.5.5Apache Tomcat 8.5.7Apache Tomcat 8.5.8Apache Tomcat 8.5.2Apache Tomcat 8.5.3Apache Tomcat 9.0.0
9.8
CVSSv3
CVE-2017-5651
In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This...
Apache Tomcat 8.5.1Apache Tomcat 8.5.2Apache Tomcat 8.5.9Apache Tomcat 8.5.10Apache Tomcat 8.5.5Apache Tomcat 8.5.6Apache Tomcat 8.5.7Apache Tomcat 8.5.8Apache Tomcat 8.5.3Apache Tomcat 8.5.4Apache Tomcat 8.5.11Apache Tomcat 8.5.12Apache Tomcat 8.5.0Apache Tomcat 9.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2023-21068CVE-2023-21077unspecifiedCVE-2023-21070CVE-2023-21016file upload
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook