| CVE | Severity | Score (1) | Score (2) | Published | Summary |
|---|---|---|---|---|---|
| CVE-2016-0714 | high | 8.8 | 8.8 | 10y ago | The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticat… |
| CVE-2015-5351 | high | 8.8 | 8.8 | 10y ago | The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, wh… |
| CVE-2014-0050 | high | — | 8.5 | 12y ago | Commons FileUpload Denial of service vulnerability |
| CVE-2015-5346 | high | 8.1 | 8.1 | 10y ago | Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the sam… |
| CVE-2026-29129 | high | — | 8.0 | 2mo ago | Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.… |
| CVE-2021-42340 | high | — | 8.0 | 4y ago | The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics f… |
| CVE-2020-13935 | high | — | 8.0 | 4y ago | The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could t… |
| CVE-2020-13934 | high | — | 8.0 | 4y ago | An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of … |
| CVE-2014-0230 | high | — | 7.8 | 11y ago | Uncontrolled Resource Consumption in Apache Tomcat |
| CVE-2026-43513 | high | 7.5 | 7.5 | 23d ago | Improper Handling of Case Sensitivity vulnerability in LockOutRealm in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 … |
| CVE-2026-41284 | high | 7.5 | 7.5 | 23d ago | Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 t… |
| CVE-2026-34486 | high | 7.5 | 7.5 | 2mo ago | Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.5… |
| CVE-2025-55752 | high | 7.5 | 7.5 | 6mo ago | Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the po… |
| CVE-2017-7675 | high | 7.5 | 7.5 | 9y ago | The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M21 and 8.5.0 to 8.5.15 bypassed a number of security checks that prevented directory traversal attacks. It was therefore possible to bypa… |
| CVE-2016-6796 | high | 7.5 | 7.5 | 9y ago | Apache Tomcat vulnerable to SecurityManager bypass |
| CVE-2016-6817 | high | 7.5 | 7.5 | 9y ago | The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and 8.5.0 to 8.5.6 entered an infinite loop if a header was received that was larger than the available buffer. This made a denial of s… |
| CVE-2016-6797 | high | 7.5 | 7.5 | 9y ago | Incorrect Authorization in Apache Tomcat |
| CVE-2017-5664 | high | 7.5 | 7.5 | 9y ago | The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwa… |
| CVE-2017-5650 | high | 7.5 | 7.5 | 9y ago | In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the handling of an HTTP/2 GOAWAY frame for a connection did not close streams associated with that connection that were currently waiting f… |
| CVE-2017-5647 | high | 7.5 | 7.5 | 9y ago | A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in… |
| CVE-2013-2185 | high | — | 7.5 | 13y ago | Deserialization of Untrusted Data in Apache Tomcat |
| CVE-2011-3190 | high | — | 7.5 | 15y ago | Apache Tomcat Allows Remote Attackers to Spoof AJP Requests |
| CVE-2026-42498 | high | 7.3 | 7.3 | 23d ago | Exposure of HTTP Authentication Header to unexpected hosts during WebSocket authentication vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1… |
| CVE-2026-43514 | low | 3.7 | 3.7 | 23d ago | Observable Timing Discrepancy vulnerability when comparing AJP secret in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M… |
| CVE-2010-1157 | low | — | 3.6 | 16y ago | Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat |
| CVE-2013-2071 | low | — | 2.6 | 13y ago | Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat |
| CVE-2024-54677 | low | — | 2.5 | 2y ago | Uncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of service. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.… |
| CVE-2011-2204 | low | — | 1.9 | 15y ago | Insertion of Sensitive Information into Log File in Apache Tomcat |
| CVE-2010-3718 | low | — | 1.2 | 16y ago | Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat |
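The CVE-2025-55752 row describes a regression in which a rewritten URL was normalized before it was decoded. The following is an added example, written for this page and not Tomcat's own code, showing why that order matters: a `..` segment hidden as `%2e%2e` passes through normalization untouched and only becomes a traversal after decoding. The context root `/app`, the sample request paths, and the `resolve_safely` helper are constructed for illustration; the rule that a container must not serve `WEB-INF` or `META-INF` to clients comes from the Servlet specification.

```python
import posixpath
from typing import Optional
from urllib.parse import unquote

# Directories a servlet container must never serve directly to clients.
FORBIDDEN_SEGMENTS = {"web-inf", "meta-inf"}


def normalize(path: str) -> str:
    """Collapse '.' and '..' segments. posixpath.normpath keeps the leading '/'."""
    return posixpath.normpath(path)


def decode(path: str) -> str:
    """Single percent-decoding pass."""
    return unquote(path)


def normalize_then_decode(path: str) -> str:
    """The broken order from the CVE row: '%2e%2e' is not a dot segment to the
    normalizer, so it survives and turns into '..' only after decoding."""
    return decode(normalize(path))


def decode_then_normalize(path: str) -> str:
    """The correct order: decode first, so the normalizer sees real segments."""
    return normalize(decode(path))


def has_dot_segments(path: str) -> bool:
    return any(seg in (".", "..") for seg in path.split("/"))


def resolve_safely(raw: str, context_root: str = "/app") -> Optional[str]:
    """Hypothetical hardened resolver (constructed for this example).

    Returns the resolved path or None when the request must be refused:
    an encoded slash (decoding it would create segment boundaries the
    normalizer never saw), a path that escapes the context root, or a
    path that reaches a forbidden directory.
    """
    if "%2f" in raw.lower() or "%5c" in raw.lower():
        return None
    resolved = decode_then_normalize(raw)
    if has_dot_segments(resolved):
        return None
    if resolved != context_root and not resolved.startswith(context_root + "/"):
        return None
    if any(seg.casefold() in FORBIDDEN_SEGMENTS for seg in resolved.split("/")):
        return None
    return resolved


if __name__ == "__main__":
    # Constructed request path, not a payload taken from the advisory.
    probe = "/app/static/%2e%2e/WEB-INF/web.xml"
    print("normalize then decode:", normalize_then_decode(probe))
    print("decode then normalize:", decode_then_normalize(probe))
    print("resolve_safely      :", resolve_safely(probe))
```

The ordering is the whole point: any check that runs on the normalized form (context prefix, `WEB-INF` denial, traversal detection) is only meaningful if decoding has already happened, and the encoded-slash rejection exists because decoding after those checks would again let new separators appear.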
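The CVE-2020-13935 row says WebSocket frame payload lengths were not correctly validated. As an added example (not Tomcat's code), here is a payload-length parser for an RFC 6455 frame header that enforces the rules the RFC states: the 7-bit field selects a 16- or 64-bit extension, extended lengths must use the minimal encoding, the most significant bit of a 64-bit length must be zero, and an application cap bounds the result. The cap value and the sample frames are constructed for this example; an implementation that reads the 64-bit field into a signed integer sees a negative value when that top bit is set and must treat it as an error rather than a small frame.

```python
import struct
from typing import Optional, Tuple

MAX_FRAME_PAYLOAD = 8 * 1024 * 1024  # constructed cap for this example


class FrameError(ValueError):
    """Raised for any length the RFC forbids or the cap rejects."""


def parse_payload_length(header: bytes,
                         max_payload: int = MAX_FRAME_PAYLOAD) -> Tuple[int, int]:
    """Return (payload_length, header_bytes_consumed) for an RFC 6455 frame.

    Only the length fields and the MASK bit are interpreted; opcode, RSV
    bits and the masking key contents are outside this example.
    """
    if len(header) < 2:
        raise FrameError("need at least 2 header bytes")
    byte2 = header[1]
    masked = bool(byte2 & 0x80)
    length7 = byte2 & 0x7F
    consumed = 2

    if length7 < 126:
        length = length7
    elif length7 == 126:
        if len(header) < 4:
            raise FrameError("truncated 16-bit length")
        (length,) = struct.unpack("!H", header[2:4])
        consumed = 4
        if length < 126:
            raise FrameError("non-minimal 16-bit length encoding")
    else:  # length7 == 127: 64-bit length follows
        if len(header) < 10:
            raise FrameError("truncated 64-bit length")
        (length,) = struct.unpack("!Q", header[2:10])
        consumed = 10
        if length & (1 << 63):
            raise FrameError("64-bit length has the most significant bit set")
        if length < 0x10000:
            raise FrameError("non-minimal 64-bit length encoding")

    if length > max_payload:
        raise FrameError(f"payload length {length} exceeds limit {max_payload}")
    if masked:
        consumed += 4  # a 4-byte masking key follows the length fields
    return length, consumed


def rejected(header: bytes) -> Optional[str]:
    """Return the rejection reason for a header, or None if it parses."""
    try:
        parse_payload_length(header)
    except FrameError as exc:
        return str(exc)
    return None


if __name__ == "__main__":
    # Constructed frames: a 5-byte text frame, a 256-byte binary frame,
    # and a 64-bit length with the forbidden top bit set.
    samples = [
        bytes([0x81, 0x05]) + b"Hello",
        bytes([0x82, 0x7E, 0x01, 0x00]),
        bytes([0x82, 0x7F]) + (1 << 63).to_bytes(8, "big"),
    ]
    for frame in samples:
        print(frame[:10].hex(), "->", rejected(frame) or parse_payload_length(frame))
```

Checking the length before allocating or looping on it is what keeps a hostile peer from steering the reader with a value the frame can never actually carry.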
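The CVE-2026-43513 row classifies a LockOutRealm defect as improper handling of case sensitivity. The page does not state the mechanism, so the example below is a constructed model of that bug class, not a description of Tomcat's code: it assumes the failure counter is keyed by the username exactly as presented while the backing realm matches usernames case-insensitively, so each case variant of one account gets its own counter and the attacker multiplies the guesses allowed before lockout. The `ToyLockOut` class, the account, and the thresholds are all invented for this illustration.

```python
import time
from typing import Callable, Dict, List


class ToyLockOut:
    """Minimal lock-out wrapper in front of a credential check.

    `normalize` decides how the failure counter is keyed. The identity
    function models the flawed behaviour (each spelling of a name gets its
    own counter); str.casefold makes all spellings share one. This is a
    constructed model of CWE-178, not Tomcat's LockOutRealm.
    """

    def __init__(self, check_password: Callable[[str, str], bool],
                 failure_count: int = 5, lock_out_time: float = 300.0,
                 normalize: Callable[[str], str] = lambda s: s,
                 clock: Callable[[], float] = time.monotonic):
        self.check_password = check_password
        self.failure_count = failure_count
        self.lock_out_time = lock_out_time
        self.normalize = normalize
        self.clock = clock
        self.failures: Dict[str, List[float]] = {}  # key -> [count, last_failure]

    def _is_locked(self, key: str) -> bool:
        entry = self.failures.get(key)
        if entry is None:
            return False
        count, last = entry
        return count >= self.failure_count and (self.clock() - last) < self.lock_out_time

    def authenticate(self, username: str, password: str) -> bool:
        key = self.normalize(username)
        if self._is_locked(key):
            return False  # locked out: the backing realm is not consulted
        if self.check_password(username, password):
            self.failures.pop(key, None)
            return True
        entry = self.failures.setdefault(key, [0, 0.0])
        entry[0] += 1
        entry[1] = self.clock()
        return False


def guesses_reaching_realm(normalize: Callable[[str], str], tries: int = 20) -> int:
    """An attacker sends `tries` wrong passwords, rotating the case of the
    username each time. Returns how many attempts reach the backing realm,
    i.e. how many real password guesses the lock-out allowed."""
    users = {"admin": "correct horse battery staple"}  # constructed account
    consulted = 0

    def check(username: str, password: str) -> bool:
        nonlocal consulted
        consulted += 1
        return users.get(username.casefold()) == password  # realm ignores case

    realm = ToyLockOut(check, failure_count=5, normalize=normalize)
    variants = ["admin", "Admin", "ADMIN", "aDMIN"]
    for i in range(tries):
        realm.authenticate(variants[i % len(variants)], f"wrong-{i}")
    return consulted


if __name__ == "__main__":
    print("raw key      :", guesses_reaching_realm(lambda s: s), "guesses reached the realm")
    print("casefold key :", guesses_reaching_realm(str.casefold), "guesses reached the realm")
```

The normalization applied to the counter key has to match the matching rule of the realm behind it: if the backing store is case-sensitive and `Admin` and `admin` are distinct accounts, folding them into one counter lets a failed attack on one lock out the other.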
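The CVE-2026-43514 row records an observable timing discrepancy when comparing the AJP secret. The page does not show how the comparison is implemented, so the following is an added illustration of the general pattern rather than Tomcat's code: an early-exit byte comparison stops at the first mismatch, so the time it takes reveals how many leading bytes of a guess were right, and a length-independent comparison removes that signal. The secret value and the `verify_ajp_secret` helper are constructed for this example; `hmac.compare_digest` is the standard-library routine used for the constant-time check.

```python
import hmac
from typing import Iterable, List, Tuple

# Constructed value for the demo; a real AJP secret comes from the
# connector configuration, never from source code.
CONFIGURED_SECRET = b"s3cr3t-ajp-shared-key"


def naive_equals(expected: bytes, presented: bytes) -> Tuple[bool, int]:
    """Early-exit comparison, the pattern to avoid.

    Returns (match, bytes_examined). The number of bytes examined before
    returning is proportional to elapsed time in a real implementation,
    which is exactly what a timing side channel exposes.
    """
    if len(expected) != len(presented):
        return False, 0
    for i, (x, y) in enumerate(zip(expected, presented)):
        if x != y:
            return False, i + 1
    return True, len(expected)


def constant_time_equals(expected: bytes, presented: bytes) -> bool:
    """hmac.compare_digest examines every byte regardless of where the
    first mismatch is, so timing no longer depends on the matching prefix."""
    return hmac.compare_digest(expected, presented)


def leaked_prefix_lengths(secret: bytes, guesses: Iterable[bytes]) -> List[int]:
    """Model of what a timing attacker observes against naive_equals: the
    work per guess grows by one each time the next byte is guessed right,
    so the secret can be recovered one byte at a time."""
    return [naive_equals(secret, g)[1] for g in guesses]


def verify_ajp_secret(presented: bytes, configured: bytes = CONFIGURED_SECRET) -> bool:
    """Hypothetical hardened check: refuse empty values, then compare in
    constant time. Written for this page, not Tomcat's own code."""
    if not configured or not presented:
        return False
    return constant_time_equals(configured, presented)


if __name__ == "__main__":
    # Constructed guesses that get one more leading byte right each time.
    guesses = [b"zzzz", b"szzz", b"s3zz", b"s3cz"]
    print("work per guess under early-exit compare:",
          leaked_prefix_lengths(CONFIGURED_SECRET[:4], guesses))
    print("constant-time verify of correct secret :", verify_ajp_secret(CONFIGURED_SECRET))
    print("constant-time verify of wrong secret   :", verify_ajp_secret(b"s3cr3t-ajp-shared-keY"))
```

Note that `hmac.compare_digest` still returns immediately when the two inputs differ in length; that only discloses the secret's length, which is why `verify_ajp_secret` does not try to hide it and instead relies on the secret being long and random.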