Every CVE whose affected-product data names Apache Tomcat, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2025-31651 — CVSS 9.8 (critical): Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite rule…
CVE-2026-43512 — CVSS 9.8 (critical): DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. This issue affects Apache Tomcat: from…
CVE-2026-41293 — CVSS 9.8 (critical): Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1…
CVE-2017-5651 — CVSS 9.8 (critical): In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file…
CVE-2018-8014 — CVSS 9.8 (critical): The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to…
CVE-2024-50379 — CVSS 9.8 (critical): Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive…
CVE-2024-52316 — CVSS 9.8 (critical): Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC)…
CVE-2024-56337 — CVSS 9.8 (critical): Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through…
CVE-2025-55754 — CVSS 9.6 (critical): Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. Tomcat did not escape ANSI escape sequences…
CVE-2016-5018 — CVSS 9.1 (critical): In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application…
CVE-2017-5648 — CVSS 9.1 (critical): While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to…
CVE-2026-43515 — CVSS 9.1 (critical): Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This…
CVE-2026-29145 — CVSS 9.1 (critical): CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled vulnerability in Apache Tomcat, Apache…
CVE-2025-66614 — CVSS 9.1 (critical): Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49…
CVE-2026-55276 — CVSS 9.1 (critical): Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty authorisation constraints…
CVE-2026-53434 — CVSS 9.1 (critical): Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue…
CVE-2015-5351 — CVSS 8.8 (high): The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish…
CVE-2016-0714 — CVSS 8.8 (high): The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2…
CVE-2024-38286 — CVSS 8.6 (high): Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1…
CVE-2022-25762 — CVSS 8.6 (high): If a web application sends a WebSocket message concurrently with the WebSocket connection closing when running on Apache Tomcat 8.5.0 to…
CVE-2025-49124 — CVSS 8.4 (high): Untrusted Search Path vulnerability in Apache Tomcat installer for Windows. During installation, the Tomcat installer for Windows used…
CVE-2015-5346 — CVSS 8.1 (high): Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session…
CVE-2019-0232 — CVSS 8.1 (high): When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0…
CVE-2016-5388 — CVSS 8.1 (high): Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does…
CVE-2016-6325 — CVSS 7.8 (high): The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1)…
CVE-2002-2272 — CVSS 7.8 (high): Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service…
CVE-2005-4836 — CVSS 7.8 (high): The HTTP/1.1 connector in Apache Tomcat 4.1.15 through 4.1.40 does not reject NULL bytes in a URL when allowLinking is configured, which…
CVE-2006-7197 — CVSS 7.8 (high): The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the…
CVE-2016-9775 — CVSS 7.8 (high): The postrm script in the tomcat6 package before 6.0.45+dfsg-1~deb7u3 on Debian wheezy, before 6.0.45+dfsg-1~deb8u1 on Debian jessie, before…
CVE-2016-9774 — CVSS 7.8 (high): The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and…
CVE-2016-5425 — CVSS 7.8 (high): The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak…
CVE-2016-1240 — CVSS 7.8 (high): The Tomcat init script in the tomcat7 package before 7.0.56-3+deb8u4 and tomcat8 package before 8.0.14-1+deb8u3 on Debian jessie and the…
CVE-2014-0230 — CVSS 7.8 (high): Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs…
CVE-2020-8022 — CVSS 7.7 (high): A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server…
CVE-2025-53506 — CVSS 7.5 (high): Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that…
CVE-2025-31650 — CVSS 7.5 (high): Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in…
CVE-2025-55752 — CVSS 7.5 (high): Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was…
CVE-2026-24734 — CVSS 7.5 (high): Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native (and Tomcat's…
CVE-2026-24880 — CVSS 7.5 (high): Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in Apache Tomcat via invalid chunk…
CVE-2026-29129 — CVSS 7.5 (high): Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through…
CVE-2024-34750 — CVSS 7.5 (high): Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2…
CVE-2024-24549 — CVSS 7.5 (high): Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request…
CVE-2023-46589 — CVSS 7.5 (high): Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from…
CVE-2023-34981 — CVSS 7.5 (high): A regression in the fix for bug 66512 in Apache Tomcat 11.0.0-M5, 10.1.8, 9.0.74 and 8.5.88 meant that, if a response did not include any…
CVE-2023-28709 — CVSS 7.5 (high): The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to…
CVE-2022-45143 — CVSS 7.5 (high): The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description…
CVE-2022-42252 — CVSS 7.5 (high): If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0 was configured to ignore invalid HTTP…
CVE-2022-29885 — CVSS 7.5 (high): The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the…
CVE-2026-29146 — CVSS 7.5 (high): Padding Oracle vulnerability in Apache Tomcat's EncryptInterceptor with default configuration. This issue affects Apache Tomcat: from…
CVE-2025-48988 — CVSS 7.5 (high): Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1…
CVE-2002-0682 — CVSS 7.5 (high): Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script in a URL…
CVE-2016-6817 — CVSS 7.5 (high): The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and 8.5.0 to 8.5.6 entered an infinite loop if a header was received that…
CVE-2016-6797 — CVSS 7.5 (high): The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and…
CVE-2016-6796 — CVSS 7.5 (high): A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0…
CVE-2014-0050 — CVSS 7.5 (high): MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote…
CVE-2002-0493 — CVSS 7.5 (high): Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow…
CVE-2001-1563 — CVSS 7.5 (high): Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the…
CVE-2016-3092 — CVSS 7.5 (high): The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x…
CVE-2013-2185 — CVSS 7.5 (high): The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform…
CVE-2026-43513 — CVSS 7.5 (high): Improper Handling of Case Sensitivity vulnerability in LockOutRealm in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1…
CVE-2025-52434 — CVSS 7.5 (high): Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Tomcat when using the…
CVE-2025-49125 — CVSS 7.5 (high): Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat. When using PreResources or PostResources mounted…
CVE-2025-52520 — CVSS 7.5 (high): For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a DoS via bypassing…
CVE-2025-48989 — CVSS 7.5 (high): Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack. This issue…
CVE-2021-42340 — CVSS 7.5 (high): The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71…
CVE-2021-41079 — CVSS 7.5 (high): Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was…
CVE-2021-30639 — CVSS 7.5 (high): A vulnerability in Apache Tomcat allows an attacker to remotely trigger a denial of service. An error introduced as part of a change to…
CVE-2021-25122 — CVSS 7.5 (high): When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could…
CVE-2026-34483 — CVSS 7.5 (high): Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve component of Apache Tomcat. This issue affects Apache…
CVE-2020-17527 — CVSS 7.5 (high): While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could…
CVE-2020-13935 — CVSS 7.5 (high): The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to…
CVE-2020-13934 — CVSS 7.5 (high): An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1…
CVE-2020-11996 — CVSS 7.5 (high): A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could…
CVE-2019-17563 — CVSS 7.5 (high): When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where…
CVE-2009-3548 — CVSS 7.5 (high): The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default…
CVE-2019-10072 — CVSS 7.5 (high): The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions…
CVE-2026-34486 — CVSS 7.5 (high): Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the…
CVE-2019-0199 — CVSS 7.5 (high): The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with excessive numbers of SETTINGS…
CVE-2018-8034 — CVSS 7.5 (high): The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache…
CVE-2026-34487 — CVSS 7.5 (high): Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed…
CVE-2018-1336 — CVSS 7.5 (high): An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a…
CVE-2017-7675 — CVSS 7.5 (high): The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M21 and 8.5.0 to 8.5.15 bypassed a number of security checks that prevented…
CVE-2017-5664 — CVSS 7.5 (high): The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the…
CVE-2026-41284 — CVSS 7.5 (high): Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1…
CVE-2017-5650 — CVSS 7.5 (high): In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the handling of an HTTP/2 GOAWAY frame for a connection did not close streams…
CVE-2017-5647 — CVSS 7.5 (high): A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to…
CVE-2002-1394 — CVSS 7.5 (high): Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code…
CVE-2017-12616 — CVSS 7.5 (high): When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source…
CVE-2011-3190 — CVSS 7.5 (high): Certain AJP protocol connector implementations in Apache Tomcat 7.0.0 through 7.0.20, 6.0.0 through 6.0.33, 5.5.0 through 5.5.33, and…
CVE-2016-8747 — CVSS 7.5 (high): An information disclosure issue was discovered in Apache Tomcat 8.5.7 to 8.5.9 and 9.0.0.M11 to 9.0.0.M15 in reverse-proxy configurations…
CVE-2016-8745 — CVSS 7.5 (high): A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8…
CVE-2026-55957 — CVSS 7.3 (high): Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI…
CVE-2026-53404 — CVSS 7.3 (high): Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR…
CVE-2026-42498 — CVSS 7.3 (high): Exposure of HTTP Authentication Header to unexpected hosts during WebSocket authentication vulnerability in Apache Tomcat. This issue…
CVE-2025-46701 — CVSS 7.3 (high): Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security…
CVE-2016-6816 — CVSS 7.1 (high): The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the…
CVE-2022-23181 — CVSS 7.0 (high): The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to…
CVE-2019-12418 — CVSS 7.0 (high): When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local…
CVE-2020-9484 — CVSS 7.0 (high): When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is…
CVE-2021-25329 — CVSS 7.0 (high): The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to…
CVE-2013-2067 — CVSS 6.8 (medium): java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and…
CVE-2002-1567 — CVSS 6.8 (medium): Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arbitrary web script and steal cookies via…
CVE-2003-0044 — CVSS 6.8 (medium): Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a…
CVE-2013-4444 — CVSS 6.8 (medium): Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a…
CVE-2013-6357 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and earlier allows remote attackers to…
CVE-2018-1305 — CVSS 6.5 (medium): Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0…
CVE-2021-30640 — CVSS 6.5 (medium): A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to…
CVE-2024-52317 — CVSS 6.5 (medium): Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the request and response used by HTTP/2…
CVE-2025-55668 — CVSS 6.5 (medium): Session Fixation vulnerability in Apache Tomcat via rewrite valve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from…
CVE-2026-34500 — CVSS 6.5 (medium): CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled and FFM is used in Apache Tomcat. This…
CVE-2026-55955 — CVSS 6.5 (medium): Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component…
CVE-2026-55956 — CVSS 6.5 (medium): Improper Authorization vulnerability in Apache Tomcat leads to security constraints specified for the default servlet ignoring any method…
CVE-2014-0227 — CVSS 6.4 (medium): java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9…
CVE-2000-0759 — CVSS 6.4 (medium): Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which…
CVE-2010-4312 — CVSS 6.4 (medium): The default configuration of Apache Tomcat 6.x does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote…
CVE-2000-0760 — CVSS 6.4 (medium): The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a…
CVE-2010-2227 — CVSS 6.4 (medium): Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header…
CVE-2007-5342 — CVSS 6.4 (medium): The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict…
CVE-2016-0763 — CVSS 6.3 (medium): The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31…
CVE-2024-23672 — CVSS 6.3 (medium): Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket…
CVE-2022-34305 — CVSS 6.1 (medium): In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in…
CVE-2026-50229 — CVSS 6.1 (medium): Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in the number guess example for Apache Tomcat…
CVE-2026-25854 — CVSS 6.1 (medium): Occasional URL redirection to untrusted Site ('Open Redirect') vulnerability in Apache Tomcat via the LoadBalancerDrainingValve. This issue…
CVE-2024-52318 — CVSS 6.1 (medium): Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are…
CVE-2019-0221 — CVSS 6.1 (medium): The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without…
CVE-2023-41080 — CVSS 6.1 (medium): URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache…
CVE-2016-0762 — CVSS 5.9 (medium): The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to…
CVE-2018-1304 — CVSS 5.9 (medium): The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to…
CVE-2023-42794 — CVSS 5.9 (medium): Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through…
CVE-2018-8037 — CVSS 5.9 (medium): If an async request was completed by the application at the same time as the container triggered the async timeout, a race condition…
CVE-2021-24122 — CVSS 5.9 (medium): When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to…
CVE-2019-2684 — CVSS 5.9 (medium): Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are…
CVE-2011-1419 — CVSS 5.8 (medium): Apache Tomcat 7.x before 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, which allows remote…
CVE-2011-1183 — CVSS 5.8 (medium): Apache Tomcat 7.0.11, when web.xml has no login configuration, does not follow security constraints, which allows remote attackers to…
CVE-2011-1088 — CVSS 5.8 (medium): Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access…
CVE-2008-0002 — CVSS 5.8 (medium): Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter…
CVE-2009-2693 — CVSS 5.8 (medium): Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or…
CVE-2013-4286 — CVSS 5.8 (medium): Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not…
CVE-2025-61795 — CVSS 5.3 (medium): Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred (including exceeding limits) during the…
CVE-2024-21733 — CVSS 5.3 (medium): Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7…
CVE-2015-5345 — CVSS 5.3 (medium): The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects…
CVE-2016-6794 — CVSS 5.3 (medium): When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In…
CVE-2023-45648 — CVSS 5.3 (medium): Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from…
CVE-2023-42795 — CVSS 5.3 (medium): Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through…
CVE-2026-32990 — CVSS 5.3 (medium): Improper Input Validation vulnerability in Apache Tomcat due to an incomplete fix of CVE-2025-66614. This issue affects Apache Tomcat: from…
CVE-2024-54677 — CVSS 5.3 (medium): Uncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of service…
CVE-2017-15706 — CVSS 5.3 (medium): As part of the fix for bug 61201, the documentation for Apache Tomcat 9.0.0.M22 to 9.0.1, 8.5.16 to 8.5.23, 8.0.45 to 8.0.47 and 7.0.79 to…
CVE-2021-33037 — CVSS 5.3 (medium): Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header…
CVE-2001-0829 — CVSS 5.1 (medium): A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file…
CVE-2014-0075 — CVSS 5.0 (medium): Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before…
CVE-2014-7810 — CVSS 5.0 (medium): The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly…
CVE-2012-5887 — CVSS 5.0 (medium): The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does…
CVE-2012-5886 — CVSS 5.0 (medium): The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches…
CVE-2012-5885 — CVSS 5.0 (medium): The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x…
CVE-2012-5568 — CVSS 5.0 (medium): Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated…
CVE-2012-3544 — CVSS 5.0 (medium): Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows…
CVE-2012-2733 — CVSS 5.0 (medium): java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before…
CVE-2012-0022 — CVSS 5.0 (medium): Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which…
CVE-2011-5062 — CVSS 5.0 (medium): The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does…
CVE-2011-4858 — CVSS 5.0 (medium): Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the…
CVE-2011-3375 — CVSS 5.0 (medium): Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving…
CVE-2011-2729 — CVSS 5.0 (medium): native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 through 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32…
CVE-2011-1475 — CVSS 5.0 (medium): The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read…
CVE-2011-1184 — CVSS 5.0 (medium): The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does…
CVE-2011-0534 — CVSS 5.0 (medium): Apache Tomcat 7.0.0 through 7.0.6 and 6.0.0 through 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP…
CVE-2000-0672 — CVSS 5.0 (medium): The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary…
CVE-2009-0033 — CVSS 5.0 (medium): Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing…
CVE-2008-5515 — CVSS 5.0 (medium): Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target…
CVE-2001-0590 — CVSS 5.0 (medium): Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a…
CVE-2008-2370 — CVSS 5.0 (medium): Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path…
CVE-2008-0128 — CVSS 5.0 (medium): The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the…
CVE-2007-5333 — CVSS 5.0 (medium): Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (") characters…
CVE-2000-1210 — CVSS 5.0 (medium): Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot…
CVE-2007-0450 — CVSS 5.0 (medium): Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy…
CVE-2006-3835 — CVSS 5.0 (medium): Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with a mapped extension…
CVE-2005-4703 — CVSS 5.0 (medium): Apache Tomcat 4.0.3, when running on Windows, allows remote attackers to obtain sensitive information via a request for a file that…
CVE-2005-3510 — CVSS 5.0 (medium): Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous…
CVE-2005-0808 — CVSS 5.0 (medium): Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port…
CVE-2003-0866 — CVSS 5.0 (medium): The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service…
CVE-2003-0045 — CVSS 5.0 (medium): Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource…
CVE-2003-0043 — CVSS 5.0 (medium): Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could…
CVE-2003-0042 — CVSS 5.0 (medium): Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or…
CVE-2002-2009 — CVSS 5.0 (medium): Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </…
CVE-2002-2008 — CVSS 5.0 (medium): Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does not exist…
CVE-2002-2007 — CVSS 5.0 (medium): The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory…
CVE-2002-2006 — CVSS 5.0 (medium): The default installation of Apache Tomcat 4.0 through 4.1 and 3.0 through 3.3.1 allows remote attackers to obtain the installation path and…
CVE-2002-1895 — CVSS 5.0 (medium): The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using IIS and the ajp1.3 connector, allows remote attackers to cause a…
CVE-2002-1148 — CVSS 5.0 (medium): The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read…
CVE-2002-0936 — CVSS 5.0 (medium): The Java Server Pages (JSP) engine in Tomcat allows web page owners to cause a denial of service (engine crash) on the web server via a JSP…
CVE-2002-0935 — CVSS 5.0 (medium): Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource…
CVE-2001-0917 — CVSS 5.0 (medium): Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension.
CVE-2014-0095 — CVSS 5.0 (medium): java/org/apache/coyote/ajp/AbstractAjpProcessor.java in Apache Tomcat 8.x before 8.0.4 allows remote attackers to cause a denial of service…
CVE-2020-1935 — CVSS 4.8 (medium): In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line…
CVE-2019-17569 — CVSS 4.8 (medium): The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the…