tomcat8 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the tomcat8 package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • H
Information Exposure

<0:8.5.69-1.88.amzn1
  • H
HTTP Request Smuggling

<0:8.5.69-1.88.amzn1
  • H
Path Equivalence

<0:8.5.99-1.98.amzn1
  • H
Improper Input Validation

<0:8.5.99-1.97.amzn1
  • H
Incomplete Cleanup

<0:8.5.99-1.97.amzn1
  • M
HTTP Request Smuggling

<0:8.5.96-1.96.amzn1
  • H
Open Redirect

<0:8.5.93-1.94.amzn1
  • H
Allocation of Resources Without Limits or Throttling

<0:8.5.93-1.94.amzn1
  • H
Incomplete Cleanup

<0:8.5.94-1.95.amzn1
  • H
Resource Exhaustion

<0:8.5.94-1.95.amzn1
  • H
Improper Input Validation

<0:8.5.94-1.95.amzn1
  • H
Off-by-one Error

<0:8.5.89-1.93.amzn1
  • H
Race Condition

<0:8.5.87-1.92.amzn1
  • H
Information Exposure

<0:8.5.87-1.92.amzn1
  • H
Incomplete Documentation of Program Execution

<0:8.5.81-1.91.amzn1
  • H
Sensitive Information Uncleared Before Release

<0:8.5.81-1.91.amzn1
  • M
Time-of-check Time-of-use (TOCTOU)

<0:8.5.75-1.90.amzn1
  • H
Improper Input Validation

<0:8.5.69-1.88.amzn1
  • H
Missing Release of Resource after Effective Lifetime

<0:8.5.72-1.89.amzn1
  • M
HTTP Request Smuggling

<0:8.5.69-1.88.amzn1
  • H
Deserialization of Untrusted Data

<0:8.5.63-1.87.amzn1
  • H
Information Exposure

<0:8.5.63-1.87.amzn1
  • M
Information Exposure

<0:8.5.60-1.86.amzn1
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:8.5.57-1.85.amzn1
  • H
NULL Pointer Dereference

<0:8.5.57-1.85.amzn1
  • H
Deserialization of Untrusted Data

<0:8.5.56-1.84.amzn1
  • H
Improper Privilege Management

<0:8.5.51-1.83.amzn1
  • H
HTTP Request Smuggling

<0:8.5.51-1.83.amzn1
  • H
HTTP Request Smuggling

<0:8.5.51-1.83.amzn1
  • M
CVE-2019-12418

<0:8.5.50-1.82.amzn1
  • M
Session Fixation

<0:8.5.50-1.82.amzn1
  • H
OS Command Injection

<0:8.5.40-1.79.amzn1
  • H
Cross-site Scripting (XSS)

<0:8.5.42-1.80.amzn1
  • H
Resource Exhaustion

<0:8.5.42-1.80.amzn1
  • H
Resource Exhaustion

<0:8.5.40-1.79.amzn1
  • H
Open Redirect

<0:8.5.40-1.79.amzn1
  • H
Race Condition

<0:8.5.32-1.78.amzn1
  • H
Insecure Default Initialization of Resource

<0:8.5.32-1.78.amzn1
  • H
Improper Certificate Validation

<0:8.5.32-1.78.amzn1
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:8.5.32-1.78.amzn1
  • M
CVE-2018-1305

<0:8.5.29-1.77.amzn1
  • M
CVE-2018-1304

<0:8.5.29-1.77.amzn1
  • L
Improperly Implemented Security Check for Standard

<0:8.5.28-1.76.amzn1
  • H
Unrestricted Upload of File with Dangerous Type

<0:8.5.23-1.75.amzn1
  • M
Insufficient Verification of Data Authenticity

<0:8.0.46-1.76.amzn1
  • H
Improper Handling of Exceptional Conditions

<0:8.0.45-1.72.amzn1
  • H
Insufficient Verification of Data Authenticity

<0:8.0.45-1.72.amzn1
  • H
Improper Handling of Exceptional Conditions

<0:8.0.44-1.71.amzn1
  • H
Information Exposure

<0:8.0.43-1.70.amzn1
  • H
Exposure of Resource to Wrong Sphere

<0:8.0.43-1.70.amzn1
  • M
Error Handling

<0:8.0.41-1.69.amzn1
  • H
Improper Input Validation

<0:8.0.39-1.67.amzn1
  • H
Improper Access Control

<0:8.0.39-1.67.amzn1
  • H
Security Features

<0:8.0.38-1.65.amzn1
  • H
Improper Access Control

<0:8.0.38-1.65.amzn1
  • H
Access Restriction Bypass

<0:8.0.38-1.65.amzn1
  • H
Information Exposure

<0:8.0.38-1.65.amzn1
  • H
Access Restriction Bypass

<0:8.0.38-1.65.amzn1
  • H
Security Features

<0:8.0.38-1.65.amzn1
  • M
Improper Input Validation

<0:8.0.36-1.62.amzn1
  • M
Improper Input Validation

<0:8.0.35-1.61.amzn1
  • M
Access Restriction Bypass

<0:8.0.32-1.59.amzn1
  • M
Information Exposure

<0:8.0.32-1.59.amzn1
  • M
Access Restriction Bypass

<0:8.0.32-1.59.amzn1
  • M
Cross-site Request Forgery (CSRF)

<0:8.0.32-1.59.amzn1
  • M
CVE-2015-5346

<0:8.0.32-1.59.amzn1
  • M
Directory Traversal

<0:8.0.30-1.57.amzn1
  • M
Directory Traversal

<0:8.0.30-1.57.amzn1
  • M
Improper Access Control

<0:8.0.30-1.57.amzn1
  • M
Improper Data Handling

<0:8.0.20-1.53.amzn1
  • M
Numeric Errors

<0:8.0.20-1.53.amzn1
  • M
Access Restriction Bypass

<0:8.0.20-1.53.amzn1
  • M
Numeric Errors

<0:8.0.20-1.53.amzn1