org.apache.tomcat:tomcat (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.apache.tomcat:tomcat, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (161)
CVE-2026-41293 — CVSS 9.8 (critical): Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1…
CVE-2026-43512 — CVSS 9.8 (critical): DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. This issue affects Apache Tomcat: from…
CVE-2009-3555 — CVSS 9.8 (critical): The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in…
CVE-2025-55754 — CVSS 9.6 (critical): Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. Tomcat did not escape ANSI escape sequences…
CVE-2026-29145 — CVSS 9.1 (critical): CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled vulnerability in Apache Tomcat, Apache…
CVE-2026-43515 — CVSS 9.1 (critical): Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This…
CVE-2025-66614 — CVSS 9.1 (critical): Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49…
CVE-2016-0714 — CVSS 8.8 (high): The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2…
CVE-2015-5351 — CVSS 8.8 (high): The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish…
CVE-2022-25762 — CVSS 8.6 (high): If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to…
CVE-2025-49124 — CVSS 8.4 (high): Untrusted Search Path vulnerability in Apache Tomcat installer for Windows. During installation, the Tomcat installer for Windows used…
CVE-2015-5346 — CVSS 8.1 (high): Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session…
CVE-2005-4836 — CVSS 7.8 (high): The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which…
CVE-2006-7197 — CVSS 7.8 (high): The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the…
CVE-2002-2272 — CVSS 7.8 (high): Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service…
CVE-2014-0230 — CVSS 7.8 (high): Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs…
CVE-2020-8022 — CVSS 7.7 (high): A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server…
CVE-2026-34483 — CVSS 7.5 (high): Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve component of Apache Tomcat. This issue affects Apache…
CVE-2026-29146 — CVSS 7.5 (high): Padding Oracle vulnerability in Apache Tomcat's EncryptInterceptor with default configuration. This issue affects Apache Tomcat: from…
CVE-2021-41079 — CVSS 7.5 (high): Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was…
CVE-2020-13935 — CVSS 7.5 (high): The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to…
CVE-2026-41284 — CVSS 7.5 (high): Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1…
CVE-2020-13934 — CVSS 7.5 (high): An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1…
CVE-2013-2185 — CVSS 7.5 (high): The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform…
CVE-2020-11996 — CVSS 7.5 (high): A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could…
CVE-2017-7675 — CVSS 7.5 (high): The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M21 and 8.5.0 to 8.5.15 bypassed a number of security checks that prevented…
CVE-2014-0050 — CVSS 7.5 (high): MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote…
CVE-2026-34487 — CVSS 7.5 (high): Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed…
CVE-2017-5664 — CVSS 7.5 (high): The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the…
CVE-2017-5650 — CVSS 7.5 (high): In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the handling of an HTTP/2 GOAWAY frame for a connection did not close streams…
CVE-2017-5647 — CVSS 7.5 (high): A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to…
CVE-2026-34486 — CVSS 7.5 (high): Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the…
CVE-2016-8747 — CVSS 7.5 (high): An information disclosure issue was discovered in Apache Tomcat 8.5.7 to 8.5.9 and 9.0.0.M11 to 9.0.0.M15 in reverse-proxy configurations…
CVE-2016-6796 — CVSS 7.5 (high): A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0…
CVE-2016-6797 — CVSS 7.5 (high): The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and…
CVE-2016-6817 — CVSS 7.5 (high): The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and 8.5.0 to 8.5.6 entered an infinite loop if a header was received that…
CVE-2026-29129 — CVSS 7.5 (high): Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through…
CVE-2002-0493 — CVSS 7.5 (high): Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow…
CVE-2025-55752 — CVSS 7.5 (high): Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was…
CVE-2002-1394 — CVSS 7.5 (high): Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code…
CVE-2022-29885 — CVSS 7.5 (high): The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the…
CVE-2026-43513 — CVSS 7.5 (high): Improper Handling of Case Sensitivity vulnerability in LockOutRealm in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1…
CVE-2021-42340 — CVSS 7.5 (high): The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71…
CVE-2011-3190 — CVSS 7.5 (high): Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and…
CVE-2021-30639 — CVSS 7.5 (high): A vulnerability in Apache Tomcat allows an attacker to remotely trigger a denial of service. An error introduced as part of a change to…
CVE-2026-42498 — CVSS 7.3 (high): Exposure of HTTP Authentication Header to unexpected hosts during WebSocket authentication vulnerability in Apache Tomcat. This issue…
CVE-2022-23181 — CVSS 7.0 (high): The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to…
CVE-2013-4444 — CVSS 6.8 (medium): Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a…
CVE-2003-0044 — CVSS 6.8 (medium): Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a…
CVE-2002-1567 — CVSS 6.8 (medium): Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arbitrary web script and steal cookies via…
CVE-2013-2067 — CVSS 6.8 (medium): java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and…
CVE-2021-30640 — CVSS 6.5 (medium): A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to…
CVE-2010-4312 — CVSS 6.4 (medium): The default configuration of Apache Tomcat 6.x does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote…
CVE-2000-0759 — CVSS 6.4 (medium): Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which…
CVE-2014-0227 — CVSS 6.4 (medium): java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9…
CVE-2010-2227 — CVSS 6.4 (medium): Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header…
CVE-2016-0763 — CVSS 6.3 (medium): The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31…
CVE-2023-41080 — CVSS 6.1 (medium): URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache…
CVE-2024-52318 — CVSS 6.1 (medium): Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are…
CVE-2019-0221 — CVSS 6.1 (medium): The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without…
CVE-2026-25854 — CVSS 6.1 (medium): Occasional URL redirection to untrusted Site ('Open Redirect') vulnerability in Apache Tomcat via the LoadBalancerDrainingValve. This issue…
CVE-2022-34305 — CVSS 6.1 (medium): In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in…
CVE-2016-0762 — CVSS 5.9 (medium): The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to…
CVE-2011-1088 — CVSS 5.8 (medium): Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access…
CVE-2009-2693 — CVSS 5.8 (medium): Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or…
CVE-2013-4286 — CVSS 5.8 (medium): Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not…
CVE-2011-1183 — CVSS 5.8 (medium): Apache Tomcat 7.0.11, when web.xml has no login configuration, does not follow security constraints, which allows remote attackers to…
CVE-2011-1419 — CVSS 5.8 (medium): Apache Tomcat 7.x before 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, which allows remote…
CVE-2008-0002 — CVSS 5.8 (medium): Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter…
CVE-2017-15706 — CVSS 5.3 (medium): As part of the fix for bug 61201, the documentation for Apache Tomcat 9.0.0.M22 to 9.0.1, 8.5.16 to 8.5.23, 8.0.45 to 8.0.47 and 7.0.79 to…
CVE-2015-5345 — CVSS 5.3 (medium): The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects…
CVE-2021-33037 — CVSS 5.3 (medium): Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header…
CVE-2023-42795 — CVSS 5.3 (medium): Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through…
CVE-2024-54677 — CVSS 5.3 (medium): Uncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of service…
CVE-2026-32990 — CVSS 5.3 (medium): Improper Input Validation vulnerability in Apache Tomcat due to an incomplete fix of CVE-2025-66614. This issue affects Apache Tomcat: from…
CVE-2025-61795 — CVSS 5.3 (medium): Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred (including exceeding limits) during the…
CVE-2023-45648 — CVSS 5.3 (medium): Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from…
CVE-2016-6794 — CVSS 5.3 (medium): When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In…
CVE-2001-0829 — CVSS 5.1 (medium): A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file…
CVE-2005-3510 — CVSS 5.0 (medium): Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous…
CVE-2000-1210 — CVSS 5.0 (medium): Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot…
CVE-2001-0917 — CVSS 5.0 (medium): Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension.
CVE-2002-0935 — CVSS 5.0 (medium): Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource…
CVE-2002-1148 — CVSS 5.0 (medium): The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read…
CVE-2002-2006 — CVSS 5.0 (medium): The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and…
CVE-2002-2008 — CVSS 5.0 (medium): Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does not exist…
CVE-2002-2009 — CVSS 5.0 (medium): Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </…
CVE-2003-0042 — CVSS 5.0 (medium): Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or…
CVE-2003-0043 — CVSS 5.0 (medium): Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could…
CVE-2003-0045 — CVSS 5.0 (medium): Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource…
CVE-2003-0866 — CVSS 5.0 (medium): The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service…
CVE-2005-4703 — CVSS 5.0 (medium): Apache Tomcat 4.0.3, when running on Windows, allows remote attackers to obtain sensitive information via a request for a file that…
CVE-2006-3835 — CVSS 5.0 (medium): Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with a mapped extension…
CVE-2007-0450 — CVSS 5.0 (medium): Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy…
CVE-2007-5333 — CVSS 5.0 (medium): Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (") characters…
CVE-2008-2370 — CVSS 5.0 (medium): Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path…
CVE-2008-5515 — CVSS 5.0 (medium): Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target…
CVE-2009-0033 — CVSS 5.0 (medium): Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing…
CVE-2010-4476 — CVSS 5.0 (medium): The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update…
CVE-2011-0534 — CVSS 5.0 (medium): Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP…
CVE-2011-1184 — CVSS 5.0 (medium): The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does…
CVE-2011-1475 — CVSS 5.0 (medium): The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read…
CVE-2011-3375 — CVSS 5.0 (medium): Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving…
CVE-2011-4858 — CVSS 5.0 (medium): Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the…
CVE-2011-5062 — CVSS 5.0 (medium): The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does…
CVE-2012-0022 — CVSS 5.0 (medium): Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which…
CVE-2012-3544 — CVSS 5.0 (medium): Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows…
CVE-2012-5885 — CVSS 5.0 (medium): The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x…
CVE-2012-5887 — CVSS 5.0 (medium): The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does…
CVE-2014-0075 — CVSS 5.0 (medium): Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before…
CVE-2014-7810 — CVSS 5.0 (medium): The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly…
CVE-2019-17569 — CVSS 4.8 (medium): The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the…
CVE-2020-1935 — CVSS 4.8 (medium): In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line…
CVE-2011-2481 — CVSS 4.6 (medium): Apache Tomcat 7.0.x before 7.0.17 permits web applications to replace an XML parser used for other web applications, which allows local…
CVE-2011-2526 — CVSS 4.4 (medium): Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.19, when sendfile is enabled for the HTTP APR or HTTP NIO…
CVE-2014-0096 — CVSS 4.3 (medium): java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x…
CVE-2017-7674 — CVSS 4.3 (medium): The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary…
CVE-2014-0033 — CVSS 4.3 (medium): org/apache/catalina/connector/CoyoteAdapter.java in Apache Tomcat 6.0.33 through 6.0.37 does not consider the disableURLRewriting setting…
CVE-2013-4590 — CVSS 4.3 (medium): Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to obtain "Tomcat internals" information by…
CVE-2013-4322 — CVSS 4.3 (medium): Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a…
CVE-2012-4431 — CVSS 4.3 (medium): org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to…
CVE-2012-3546 — CVSS 4.3 (medium): org/apache/catalina/realm/RealmBase.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.30, when FORM authentication is used, allows…
CVE-2011-5064 — CVSS 4.3 (medium): DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33…
CVE-2011-5063 — CVSS 4.3 (medium): The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does…
CVE-2005-2090 — CVSS 4.3 (medium): Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application…
CVE-2015-5174 — CVSS 4.3 (medium): Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows…
CVE-2014-0119 — CVSS 4.3 (medium): Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML…
CVE-2014-0099 — CVSS 4.3 (medium): Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4…
CVE-2008-2938 — CVSS 4.3 (medium): Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking…
CVE-2008-1947 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject…
CVE-2008-1232 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows…
CVE-2007-6286 — CVSS 4.3 (medium): Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty…
CVE-2007-4724 — CVSS 4.3 (medium): Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the calendar examples application in Apache Tomcat 4.1.31 allows remote…
CVE-2007-3385 — CVSS 4.3 (medium): Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \"…
CVE-2007-3384 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in examples/servlet/CookieExample in Apache Tomcat 3.3 through 3.3.2 allow remote…
CVE-2007-3383 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in SendMailServlet in the examples web application (examples/jsp/mail/sendmail.jsp) in Apache…
CVE-2007-3382 — CVSS 4.3 (medium): Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters…
CVE-2007-2449 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through…
CVE-2006-7196 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31…
CVE-2006-7195 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows…
CVE-2016-0706 — CVSS 4.3 (medium): Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.St…
CVE-2011-1582 — CVSS 4.3 (medium): Apache Tomcat 7.0.12 and 7.0.13 processes the first request to a servlet without following security constraints that have been configured…
CVE-2011-0013 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30…
CVE-2010-4172 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through…
CVE-2009-2902 — CVSS 4.3 (medium): Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete…
CVE-2009-2901 — CVSS 4.3 (medium): The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase…
CVE-2009-0781 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat…
CVE-2009-0580 — CVSS 4.3 (medium): Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote…
CVE-2009-0783 — CVSS 4.2 (medium): Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used…
CVE-2026-43514 — CVSS 3.7 (low): Observable Timing Discrepancy vulnerability when comparing AJP secret in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1…
CVE-2026-24733 — CVSS 3.7 (low): Improper Input Validation vulnerability in Apache Tomcat. Tomcat did not limit HTTP/0.9 requests to the GET method. If a security…
CVE-2021-43980 — CVSS 3.7 (low): The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long…
CVE-2007-5461 — CVSS 3.5 (low): Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14…
CVE-2007-2450 — CVSS 3.5 (low): Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 through…
CVE-2013-2071 — CVSS 2.6 (low): java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a…
CVE-2008-4308 — CVSS 2.6 (low): The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error…
CVE-2005-3164 — CVSS 2.6 (low): The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and…
CVE-2010-1157 — CVSS 2.6 (low): Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by…
CVE-2007-1358 — CVSS 2.6 (low): Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows…
CVE-2011-2204 — CVSS 1.9 (low): Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.17, when the MemoryUserDatabase is used, creates log entries…
CVE-2010-3718 — CVSS 1.2 (low): Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute…