org.apache.tomcat:tomcat-catalina
Maven | 38 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.apache.tomcat:tomcat-catalina
- CVE-2012-5886 | NONE | CVSS 0.0 | EG 0.0 | ✓ Fixed in 7.0.30 | 2012-11-17
vulnerable: 7.0.0 ... 7.0.8 (20 versions)
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote …
- CVE-2014-0096 | NONE | CVSS 0.0 | EG 0.0 | ✓ Fixed in 8.0.6 | 2014-05-31
vulnerable: 8.0.1, 8.0.3, 8.0.5
java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass secur…
- CVE-2014-0119 | NONE | CVSS 0.0 | EG 0.0 | ✓ Fixed in 8.0.6 | 2014-05-31
vulnerable: 8.0.1, 8.0.3, 8.0.5
Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attackers to (1) read arbitrary files via a cr…
- CVE-2016-5388 | HIGH | CVSS 8.1 | EG 8.1 | ✓ Fixed in 8.5.5 | 2016-07-19
vulnerable: 8.0.1 ... 8.5.4 (45 versions)
Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment v…
- CVE-2016-8735 | CRITICAL | CVSS 9.8 | EG 9.8 | ⚠ KEV | ✓ Fixed in 9.0.0.M12 | 2017-04-06
vulnerable: 9.0.0.M1 ... 9.0.0.M9 (8 versions)
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exi…
- CVE-2017-12616 | HIGH | CVSS 7.5 | EG 9.0 | ✓ Fixed in 7.0.81 | 2017-09-19
vulnerable: 7.0.0 ... 7.0.8 (55 versions)
When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request.
- CVE-2017-12617 | HIGH | CVSS 8.1 | EG 9.0 | ⚠ KEV | ✓ Fixed in 7.0.82 | 2017-10-04
vulnerable: 7.0.0 ... 7.0.81 (56 versions)
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible…
- CVE-2017-5648 | CRITICAL | CVSS 9.1 | EG 9.1 | ✓ Fixed in 7.0.76 | 2017-04-17
vulnerable: 7.0.0 ... 7.0.8 (51 versions)
While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the appropriate facade object. When runnin…
- CVE-2020-9484 | HIGH | CVSS 7.0 | EG 9.0 | ✓ Fixed in 7.0.104 | 2020-05-20
vulnerable: 7.0.0 ... 7.0.99 (70 versions)
When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use t…
- CVE-2022-45143 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 10.1.2 | 2023-01-03
vulnerable: 10.1.0, 10.1.1
The JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore pos…
- CVE-2023-28708 | MEDIUM | CVSS 4.3 | EG 4.3 | ✓ Fixed in 8.5.86 | 2023-03-22
vulnerable: 8.5.0 ... 8.5.9 (70 versions)
When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11.0.0-M1 to 11.0.0-M2, 10.1.0-M1 to 10.1.5, 9.0.0-M…
- CVE-2023-46589 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 8.5.96 | 2023-11-28
vulnerable: 8.5.0 ... 8.5.95 (80 versions)
Improper Input Validation vulnerability in Apache Tomcat. Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A t…
- CVE-2024-50379 | CRITICAL | CVSS 9.8 | EG 9.8 | 2024-12-17
vulnerable: 8.5.0 ... 8.5.99 (85 versions)
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). This issue …
- CVE-2024-52316 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 11.0.1 | 2024-11-18
vulnerable: 11.0.0 ... 11.0.0-M9 (24 versions)
Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process without …
- CVE-2024-54677 | MEDIUM | CVSS 5.3 | EG 5.3 | 2024-12-17
vulnerable: 8.5.0 ... 8.5.99 (85 versions)
Uncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of service. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from …
- CVE-2024-56337 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 10.1.34 | 2024-12-20
vulnerable: 10.1.0 ... 10.1.9 (43 versions)
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The following versions were E…
- CVE-2025-24813 | CRITICAL | CVSS 9.8 | EG 9.8 | ⚠ KEV | ✓ Fixed in 11.0.3 | 2025-03-10
vulnerable: 11.0.0 ... 11.0.2 (26 versions)
Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache…
- CVE-2025-31651 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 9.0.104 | 2025-04-28
vulnerable: 9.0.100 ... 9.0.99 (24 versions)
Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some rewrite rules. If those r…
- CVE-2025-46701 | HIGH | CVSS 7.3 | EG 7.3 | ✓ Fixed in 9.0.105 | 2025-05-29
vulnerable: 9.0.0.M1 ... 9.0.99 (104 versions)
Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's CGI servlet allows security constraint bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet. This issue affects Apach…
- CVE-2025-49124 | HIGH | CVSS 8.4 | EG 8.4 | ✓ Fixed in 11.0.8 | 2025-06-16
vulnerable: 11.0.0 ... 11.0.7 (31 versions)
Untrusted Search Path vulnerability in Apache Tomcat installer for Windows. During installation, the Tomcat installer for Windows used icacls.exe without specifying a full path. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.…
- CVE-2025-49125 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 11.0.8 | 2025-06-16
vulnerable: 11.0.0 ... 11.0.7 (31 versions)
Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat. When using PreResources or PostResources mounted other than at the root of the web application, it was possible to access those resources via an une…
- CVE-2025-52520 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 11.0.9 | 2025-07-10
vulnerable: 11.0.0 ... 11.0.8 (32 versions)
For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a DoS via bypassing of size limits. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 thr…
- CVE-2025-55668 | MEDIUM | CVSS 6.5 | EG 6.5 | ✓ Fixed in 11.0.8 | 2025-08-13
vulnerable: 11.0.0 ... 11.0.7 (31 versions)
Session Fixation vulnerability in Apache Tomcat via rewrite valve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. Older, EOL versions may also be affected. …
- CVE-2025-55752 | HIGH | CVSS 7.5 | EG 7.5 | 2025-10-27
vulnerable: 8.5.100 ... 8.5.99 (80 versions)
Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that r…
- CVE-2025-55754 | CRITICAL | CVSS 9.6 | EG 9.6 | 2025-10-27
vulnerable: 8.5.100 ... 8.5.99 (37 versions)
Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. Tomcat did not escape ANSI escape sequences in log messages. If Tomcat was running in a console on a Windows operating system, and the console s…
- CVE-2025-61795 | MEDIUM | CVSS 5.3 | EG 5.3 | 2025-10-27
vulnerable: 8.5.0 ... 8.5.99 (85 versions)
Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred (including exceeding limits) during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned u…
- CVE-2025-66614 | CRITICAL | CVSS 9.1 | EG 9.1 | ✓ Fixed in 11.0.15 | 2026-02-17
vulnerable: 11.0.0 ... 11.0.9 (38 versions)
Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through 9.0.112. The following versions were EOL at the time the CVE was created but…
- CVE-2026-24733 | LOW | CVSS 3.7 | EG 3.7 | ✓ Fixed in 11.0.15 | 2026-02-17
vulnerable: 11.0.0 ... 11.0.9 (38 versions)
Improper Input Validation vulnerability in Apache Tomcat. Tomcat did not limit HTTP/0.9 requests to the GET method. If a security constraint was configured to allow HEAD requests to a URI but deny GET requests, the user could bypass th…
- CVE-2026-25854 | MEDIUM | CVSS 6.1 | EG 6.1 | ✓ Fixed in 11.0.20 | 2026-04-09
vulnerable: 11.0.0 ... 11.0.9 (40 versions)
Occasional URL redirection to untrusted Site ('Open Redirect') vulnerability in Apache Tomcat via the LoadBalancerDrainingValve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M1 through 10.1.52, from 9.0.0.…
- CVE-2026-34483 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 11.0.21 | 2026-04-09
vulnerable: 11.0.0 ... 11.0.9 (41 versions)
Improper Encoding or Escaping of Output vulnerability in the JsonAccessLogValve component of Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.20, from 10.1.0-M1 through 10.1.53, from 9.0.40 through 9.0.116. Us…
- CVE-2026-34487 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 11.0.21 | 2026-04-09
vulnerable: 11.0.0 ... 11.0.9 (41 versions)
Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed the Kubernetes bearer token. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.20, from 1…
- CVE-2026-41284 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 11.0.22 | 2026-05-12
vulnerable: 11.0.0 ... 11.0.9 (42 versions)
Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117. Older, unsupported versi…
- CVE-2026-41293 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 11.0.22 | 2026-05-12
vulnerable: 11.0.0 ... 11.0.9 (42 versions)
Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 10.0.0-M1 through 10.0.27. Older, end of suppo…
- CVE-2026-42498 | HIGH | CVSS 7.3 | EG 7.3 | ✓ Fixed in 11.0.22 | 2026-05-12
vulnerable: 11.0.0 ... 11.0.9 (42 versions)
Exposure of HTTP Authentication Header to unexpected hosts during WebSocket authentication vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.2 throug…
- CVE-2026-43512 | CRITICAL | CVSS 9.8 | EG 9.8 | ✓ Fixed in 11.0.22 | 2026-05-12
vulnerable: 11.0.0 ... 11.0.9 (42 versions)
DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 …
- CVE-2026-43513 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 11.0.22 | 2026-05-12
vulnerable: 11.0.0 ... 11.0.9 (42 versions)
Improper Handling of Case Sensitivity vulnerability in LockOutRealm in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.…
- CVE-2026-43514 | LOW | CVSS 3.7 | EG 3.7 | ✓ Fixed in 11.0.22 | 2026-05-12
vulnerable: 11.0.0 ... 11.0.9 (42 versions)
Observable Timing Discrepancy vulnerability when comparing AJP secret in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8…
- CVE-2026-43515 | CRITICAL | CVSS 9.1 | EG 9.1 | ✓ Fixed in 11.0.22 | 2026-05-12
vulnerable: 11.0.0 ... 11.0.9 (42 versions)
Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.…