tomcat8-lib vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the tomcat8-lib package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Incomplete Cleanup

<0:8.5.99-1.97.amzn1
  • H
Improper Input Validation

<0:8.5.99-1.97.amzn1
  • M
HTTP Request Smuggling

<0:8.5.96-1.96.amzn1
  • H
Open Redirect

<0:8.5.93-1.94.amzn1
  • H
Allocation of Resources Without Limits or Throttling

<0:8.5.93-1.94.amzn1
  • H
Incomplete Cleanup

<0:8.5.94-1.95.amzn1
  • H
Resource Exhaustion

<0:8.5.94-1.95.amzn1
  • H
Improper Input Validation

<0:8.5.94-1.95.amzn1
  • H
Off-by-one Error

<0:8.5.89-1.93.amzn1
  • H
Race Condition

<0:8.5.87-1.92.amzn1
  • H
Information Exposure

<0:8.5.87-1.92.amzn1
  • H
Incomplete Documentation of Program Execution

<0:8.5.81-1.91.amzn1
  • H
Sensitive Information Uncleared Before Release

<0:8.5.81-1.91.amzn1
  • M
Time-of-check Time-of-use (TOCTOU)

<0:8.5.75-1.90.amzn1
  • H
Improper Input Validation

<0:8.5.69-1.88.amzn1
  • H
Missing Release of Resource after Effective Lifetime

<0:8.5.72-1.89.amzn1
  • M
HTTP Request Smuggling

<0:8.5.69-1.88.amzn1
  • H
Deserialization of Untrusted Data

<0:8.5.63-1.87.amzn1
  • H
Information Exposure

<0:8.5.63-1.87.amzn1
  • M
Information Exposure

<0:8.5.60-1.86.amzn1
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:8.5.57-1.85.amzn1
  • H
NULL Pointer Dereference

<0:8.5.57-1.85.amzn1
  • H
Deserialization of Untrusted Data

<0:8.5.56-1.84.amzn1
  • H
Improper Privilege Management

<0:8.5.51-1.83.amzn1
  • H
HTTP Request Smuggling

<0:8.5.51-1.83.amzn1
  • H
HTTP Request Smuggling

<0:8.5.51-1.83.amzn1
  • M
CVE-2019-12418

<0:8.5.50-1.82.amzn1
  • M
Session Fixation

<0:8.5.50-1.82.amzn1
  • H
OS Command Injection

<0:8.5.40-1.79.amzn1
  • H
Cross-site Scripting (XSS)

<0:8.5.42-1.80.amzn1
  • H
Resource Exhaustion

<0:8.5.42-1.80.amzn1
  • H
Resource Exhaustion

<0:8.5.40-1.79.amzn1
  • H
Open Redirect

<0:8.5.40-1.79.amzn1
  • H
Race Condition

<0:8.5.32-1.78.amzn1
  • H
Insecure Default Initialization of Resource

<0:8.5.32-1.78.amzn1
  • H
Improper Certificate Validation

<0:8.5.32-1.78.amzn1
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:8.5.32-1.78.amzn1
  • M
CVE-2018-1305

<0:8.5.29-1.77.amzn1
  • M
CVE-2018-1304

<0:8.5.29-1.77.amzn1
  • L
Improperly Implemented Security Check for Standard

<0:8.5.28-1.76.amzn1
  • H
Unrestricted Upload of File with Dangerous Type

<0:8.5.23-1.75.amzn1
  • M
Insufficient Verification of Data Authenticity

<0:8.0.46-1.76.amzn1
  • H
Improper Handling of Exceptional Conditions

<0:8.0.45-1.72.amzn1
  • H
Insufficient Verification of Data Authenticity

<0:8.0.45-1.72.amzn1
  • H
Improper Handling of Exceptional Conditions

<0:8.0.44-1.71.amzn1
  • H
Information Exposure

<0:8.0.43-1.70.amzn1
  • H
Exposure of Resource to Wrong Sphere

<0:8.0.43-1.70.amzn1
  • M
Error Handling

<0:8.0.41-1.69.amzn1
  • H
Improper Input Validation

<0:8.0.39-1.67.amzn1
  • H
Improper Access Control

<0:8.0.39-1.67.amzn1
  • H
Security Features

<0:8.0.38-1.65.amzn1
  • H
Improper Access Control

<0:8.0.38-1.65.amzn1
  • H
Access Restriction Bypass

<0:8.0.38-1.65.amzn1
  • H
Information Exposure

<0:8.0.38-1.65.amzn1
  • H
Access Restriction Bypass

<0:8.0.38-1.65.amzn1
  • H
Security Features

<0:8.0.38-1.65.amzn1
  • M
Improper Input Validation

<0:8.0.36-1.62.amzn1
  • M
Improper Input Validation

<0:8.0.35-1.61.amzn1
  • M
Access Restriction Bypass

<0:8.0.32-1.59.amzn1
  • M
Information Exposure

<0:8.0.32-1.59.amzn1
  • M
Access Restriction Bypass

<0:8.0.32-1.59.amzn1
  • M
Cross-site Request Forgery (CSRF)

<0:8.0.32-1.59.amzn1
  • M
CVE-2015-5346

<0:8.0.32-1.59.amzn1
  • M
Directory Traversal

<0:8.0.30-1.57.amzn1
  • M
Directory Traversal

<0:8.0.30-1.57.amzn1
  • M
Improper Access Control

<0:8.0.30-1.57.amzn1
  • M
Improper Data Handling

<0:8.0.20-1.53.amzn1
  • M
Numeric Errors

<0:8.0.20-1.53.amzn1
  • M
Access Restriction Bypass

<0:8.0.20-1.53.amzn1
  • M
Numeric Errors

<0:8.0.20-1.53.amzn1