tomcat9-admin-webapps

Direct Vulnerabilities

Known vulnerabilities in the tomcat9-admin-webapps package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Incorrect Behavior Order: Authorization Before Parsing and Canonicalization	<1:9.0.118-1.amzn2023.0.1
H Allocation of Resources Without Limits or Throttling	<1:9.0.118-1.amzn2023.0.1
H Improper Validation of Syntactic Correctness of Input	<1:9.0.118-1.amzn2023.0.1
H Information Exposure	<1:9.0.118-1.amzn2023.0.1
H Information Exposure	<1:9.0.118-1.amzn2023.0.1
H Improper Handling of Case Sensitivity	<1:9.0.118-1.amzn2023.0.1
H Incorrect Implementation of Authentication Algorithm	<1:9.0.118-1.amzn2023.0.1
M HTTP Request Smuggling	<1:9.0.117-1.amzn2023.0.1
M Incorrect Implementation of Authentication Algorithm	<1:9.0.117-1.amzn2023.0.1
M File and Directory Information Exposure	<1:9.0.117-1.amzn2023.0.1
M Incomplete Blacklist	<1:9.0.117-1.amzn2023.0.1
M Incorrect Implementation of Authentication Algorithm	<1:9.0.117-1.amzn2023.0.1
M External Control of System or Configuration Setting	<1:9.0.117-1.amzn2023.0.1
M Use of a Risky Cryptographic Primitive	<1:9.0.117-1.amzn2023.0.1
M Open Redirect	<1:9.0.117-1.amzn2023.0.1
M Inappropriate Encoding for Output Context	<1:9.0.117-1.amzn2023.0.1
H Improper Validation of Unsafe Equivalence in Input	<1:9.0.115-1.amzn2023.0.1
H Improper Input Validation	<1:9.0.115-1.amzn2023.0.1
H Improper Certificate Validation	<1:9.0.115-1.amzn2023.0.1
H Improper Resource Shutdown or Release	<1:9.0.111-1.amzn2023.0.1
H Directory Traversal	<1:9.0.111-1.amzn2023.0.1
H Resource Exhaustion	<1:9.0.108-1.amzn2023.0.1
H Session Fixation	<1:9.0.106-1.amzn2023.0.1
H Integer Overflow or Wraparound	<1:9.0.107-1.amzn2023.0.1
H Resource Exhaustion	<1:9.0.107-1.amzn2023.0.1
H Race Condition	<1:9.0.107-1.amzn2023.0.1
H Authentication Bypass	<1:9.0.106-1.amzn2023.0.1
H Allocation of Resources Without Limits or Throttling	<1:9.0.106-1.amzn2023.0.1
H Allocation of Resources Without Limits or Throttling	<1:9.0.106-1.amzn2023.0.1
M Improper Handling of Case Sensitivity	<1:9.0.105-1.amzn2023.0.1
H Improper Neutralization	<1:9.0.104-1.amzn2023.0.1
H Improper Input Validation	<1:9.0.104-1.amzn2023.0.1
H Path Equivalence	<1:9.0.102-1.amzn2023.0.1
H Resource Exhaustion	<1:9.0.98-1.amzn2023.0.1
H Uncaught Exception	<1:9.0.98-1.amzn2023.0.1
H Time-of-check Time-of-use (TOCTOU)	<1:9.0.98-1.amzn2023.0.1
H Time-of-check Time-of-use (TOCTOU)	<1:9.0.98-1.amzn2023.0.1
H Resource Exhaustion	<1:9.0.90-1.amzn2023.0.2
H Improper Input Validation	<1:9.0.87-1.amzn2023.0.2
H Incomplete Cleanup	<1:9.0.87-1.amzn2023.0.2
M HTTP Request Smuggling	<1:9.0.64-1.amzn2023.0.2
M HTTP Request Smuggling	<1:9.0.82-1.amzn2023.0.2
H Improper Input Validation	<1:9.0.82-1.amzn2023.0.1
H Incomplete Cleanup	<1:9.0.82-1.amzn2023.0.1
H Resource Exhaustion	<1:9.0.71-1.amzn2023.0.6
M Open Redirect	<1:9.0.71-1.amzn2023.0.5
H Off-by-one Error	<1:9.0.71-1.amzn2023.0.3
H Race Condition	<1:9.0.71-1.amzn2023.0.2
H Information Exposure	<1:9.0.71-1.amzn2023.0.2
H Arbitrary Code Injection	<1:9.0.71-1.amzn2023.0.2
H HTTP Request Smuggling	<1:9.0.71-1.amzn2023.0.1
M Time-of-check Time-of-use (TOCTOU)	<1:9.0.64-1.amzn2023.0.2

Vulnerability

Vulnerable Version

Incorrect Behavior Order: Authorization Before Parsing and Canonicalization

<1:9.0.118-1.amzn2023.0.1