pkg:maven/org.apache.tomcat/tomcat-catalina
Type
maven
Namespace
org.apache.tomcat
Name
tomcat-catalina
Known advisories, vulnerabilities and fixes for org.apache.tomcat/tomcat-catalina package.
Critical
2
High
5
Moderate
2
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | >= 8.5.0, < 8.5.86 >= 9.0.0-M1, < 9.0.72 >= 10.1.0-M1, < 10.1.6 >= 11.0.0-M1, < 11.0.0-M3 |
CVE-2023-28708
|
MAVEN:GHSA-2C9M-W27F-53RM | Apache Tomcat vulnerable to Unprotected Transport of Credentials | moderate |
2023-03-22T12:30:16
(18 months ago) |
|
Fixed | = 8.5.86 = 9.0.72 = 10.1.6 = 11.0.0-M3 |
CVE-2023-28708
|
MAVEN:GHSA-2C9M-W27F-53RM | Apache Tomcat vulnerable to Unprotected Transport of Credentials | moderate |
2023-03-22T12:30:16
(18 months ago) |
|
Affected | >= 7.0.0, < 7.0.104 >= 8.0.0, < 8.5.55 >= 9.0.0, < 9.0.35 >= 10.0.0-M1, <= 10.0.0-M4 |
CVE-2020-9484
|
MAVEN:GHSA-344F-F5VG-2JFJ | Potential remote code execution in Apache Tomcat | high |
2020-05-21T18:52:29
(4 years ago) |
|
Fixed | = 7.0.104 = 8.5.55 = 9.0.35 = 10.0.0-M5 |
CVE-2020-9484
|
MAVEN:GHSA-344F-F5VG-2JFJ | Potential remote code execution in Apache Tomcat | high |
2020-05-21T18:52:29
(4 years ago) |
|
Affected | >= 7.0.0, <= 7.0.75 |
CVE-2017-5648
|
MAVEN:GHSA-3VX3-XF6Q-R5XP | Exposure of Resource to Wrong Sphere in Apache Tomcat | critical |
2022-05-13T01:25:13
(2 years ago) |
|
Fixed | = 7.0.76 |
CVE-2017-5648
|
MAVEN:GHSA-3VX3-XF6Q-R5XP | Exposure of Resource to Wrong Sphere in Apache Tomcat | critical |
2022-05-13T01:25:13
(2 years ago) |
|
Affected | >= 7.0.0, <= 7.0.80 |
CVE-2017-12616
|
MAVEN:GHSA-8QQ4-8JVQ-MFW4 | Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat | high |
2022-05-14T01:10:16
(2 years ago) |
|
Fixed | = 7.0.81 |
CVE-2017-12616
|
MAVEN:GHSA-8QQ4-8JVQ-MFW4 | Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat | high |
2022-05-14T01:10:16
(2 years ago) |
|
Affected | >= 7.0.0, < 7.0.30 >= 6.0.0, < 6.0.36 >= 5.5.0, < 5.5.36 |
CVE-2012-5886
|
MAVEN:GHSA-9XRJ-439H-62HG | Improper Authentication in Apache Tomcat | moderate |
2022-05-17T01:38:30
(2 years ago) |
|
Fixed | = 7.0.30 = 6.0.36 = 5.5.36 |
CVE-2012-5886
|
MAVEN:GHSA-9XRJ-439H-62HG | Improper Authentication in Apache Tomcat | moderate |
2022-05-17T01:38:30
(2 years ago) |
|
Affected | >= 9.0.0.M1, < 9.0.0.M12 |
CVE-2016-8735
|
MAVEN:GHSA-CW54-59PW-4G8C | Apache Tomcat Improper Access Control vulnerability | critical |
2022-05-13T01:14:52
(2 years ago) |
|
Fixed | = 9.0.0.M12 |
CVE-2016-8735
|
MAVEN:GHSA-CW54-59PW-4G8C | Apache Tomcat Improper Access Control vulnerability | critical |
2022-05-13T01:14:52
(2 years ago) |
|
Affected | >= 8.5.0, < 8.5.96 >= 9.0.0-M1, < 9.0.83 >= 10.1.0-M1, < 10.1.16 >= 11.0.0-M1, < 11.0.0-M11 |
CVE-2023-46589
|
MAVEN:GHSA-FCCV-JMMP-QG76 | Apache Tomcat Improper Input Validation vulnerability | high |
2023-11-28T18:30:23
(9 months ago) |
|
Fixed | = 8.5.96 = 9.0.83 = 10.1.16 = 11.0.0-M11 |
CVE-2023-46589
|
MAVEN:GHSA-FCCV-JMMP-QG76 | Apache Tomcat Improper Input Validation vulnerability | high |
2023-11-28T18:30:23
(9 months ago) |
|
Affected | >= 10.1.0, <= 10.1.1 |
CVE-2022-45143
|
MAVEN:GHSA-RQ2W-37H9-VG94 | Apache Tomcat improperly escapes input from JsonErrorReportValve | high |
2023-01-03T21:30:21
(20 months ago) |
|
Fixed | = 10.1.2 |
CVE-2022-45143
|
MAVEN:GHSA-RQ2W-37H9-VG94 | Apache Tomcat improperly escapes input from JsonErrorReportValve | high |
2023-01-03T21:30:21
(20 months ago) |
|
Affected | >= 8.0.0, < 8.5.5 >= 7.0.0, < 7.0.72 |
CVE-2016-5388
|
MAVEN:GHSA-V646-RX6W-R3QQ | Improper Access Control in Apache Tomcat | high |
2022-05-13T01:23:38
(2 years ago) |
|
Fixed | = 8.5.5 = 7.0.72 |
CVE-2016-5388
|
MAVEN:GHSA-V646-RX6W-R3QQ | Improper Access Control in Apache Tomcat | high |
2022-05-13T01:23:38
(2 years ago) |