org.apache.tomcat:tomcat vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2021-43980Loworg.apache.tomcat:tomcat: Apache Tomcat Race Condition vulnerabilityCVE-2022-34305Mediumorg.apache.tomcat:tomcat: Cross-site Scripting in Apache TomcatCVE-2011-3375Mediumorg.apache.tomcat:tomcat: Apache Tomcat Exposes IP Addresses and HTTP Headers of RequestsCVE-2013-2185Highorg.apache.tomcat:tomcat: Deserialization of Untrusted Data in Apache TomcatCVE-2011-2481Mediumorg.apache.tomcat:tomcat: Apache Tomcat Allows Replacing of XML ParserCVE-2013-2071Loworg.apache.tomcat:tomcat: Exposure of Sensitive Information to an Unauthorized Actor in Apache TomcatCVE-2011-1419Mediumorg.apache.tomcat:tomcat: Apache Tomcat does not follow ServletSecurity annotationsCVE-2012-5887Mediumorg.apache.tomcat:tomcat: Improper Authentication in Apache TomcatCVE-2011-1475Mediumorg.apache.tomcat:tomcat: Apache Tomcat HTTP BIO Connector Error Discloses Information From Different Requests to Remote UsersCVE-2012-3546Mediumorg.apache.tomcat:tomcat: Authentication Bypass in Apache TomcatCVE-2012-4431Mediumorg.apache.tomcat:tomcat: Cross-Site Request Forgery in Apache TomcatCVE-2012-5885Mediumorg.apache.tomcat:tomcat: Improper Access Control in Apache TomcatCVE-2011-4858Mediumorg.apache.tomcat:tomcat: Improper Input Validation in Apache TomcatCVE-2015-5346Highorg.apache.tomcat:tomcat: Improper Neutralization of Input During Web Page Generation in Apache TomcatCVE-2015-5351Highorg.apache.tomcat:tomcat: Apache Tomcat allows remote attackers to bypass a CSRF protection mechanism by using a tokenCVE-2011-0534Highorg.apache.tomcat:tomcat: Apache Tomcat does not enforce the maxHttpHeaderSize limitCVE-2011-1088Mediumorg.apache.tomcat:tomcat: Apache Tomcat allows remote attackers to bypass intended access restrictionsCVE-2011-1183Mediumorg.apache.tomcat:tomcat: Access controll bypass in Apache TomcatCVE-2011-1582Mediumorg.apache.tomcat:tomcat: Access restriction bypass in Apache TomcatCVE-2010-4172Mediumorg.apache.tomcat:tomcat: Improper Neutralization of Input During Web Page Generation in Apache TomcatCVE-2010-4312Mediumorg.apache.tomcat:tomcat: Apache Tomcat has cookies without HTTPOnly flag in Set-Cookie headerCVE-2010-4476Mediumorg.apache.tomcat:tomcat: Apache Tomcat affected by infinite loop in Double.parseDouble method in Java Runtime EnvironmentCVE-2016-0763Mediumorg.apache.tomcat:tomcat: Improper Verification of Source of a Communication Channel in Apache TomcatCVE-2008-5515Mediumorg.apache.tomcat:tomcat: Directory Traversal in Apache TomcatCVE-2011-2526Mediumorg.apache.tomcat:tomcat: Improper Input Validation in Apache Tomcat

Stop the waste.
Protect your environment with Kodem.