tomcat9-lib

Direct Vulnerabilities

Known vulnerabilities in the tomcat9-lib package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Incorrect Implementation of Authentication Algorithm	<1:9.0.117-1.amzn2023.0.1
M External Control of System or Configuration Setting	<1:9.0.117-1.amzn2023.0.1
M Inappropriate Encoding for Output Context	<1:9.0.117-1.amzn2023.0.1
M HTTP Request Smuggling	<1:9.0.117-1.amzn2023.0.1
M Use of a Risky Cryptographic Primitive	<1:9.0.117-1.amzn2023.0.1
M Incorrect Implementation of Authentication Algorithm	<1:9.0.117-1.amzn2023.0.1
M File and Directory Information Exposure	<1:9.0.117-1.amzn2023.0.1
M Incomplete Blacklist	<1:9.0.117-1.amzn2023.0.1
M Open Redirect	<1:9.0.117-1.amzn2023.0.1
H Improper Certificate Validation	<1:9.0.115-1.amzn2023.0.1
H Improper Input Validation	<1:9.0.115-1.amzn2023.0.1
H Improper Validation of Unsafe Equivalence in Input	<1:9.0.115-1.amzn2023.0.1
H Improper Resource Shutdown or Release	<1:9.0.111-1.amzn2023.0.1
H Directory Traversal	<1:9.0.111-1.amzn2023.0.1
H Resource Exhaustion	<1:9.0.108-1.amzn2023.0.1
H Session Fixation	<1:9.0.106-1.amzn2023.0.1
H Integer Overflow or Wraparound	<1:9.0.107-1.amzn2023.0.1
H Race Condition	<1:9.0.107-1.amzn2023.0.1
H Resource Exhaustion	<1:9.0.107-1.amzn2023.0.1
H Allocation of Resources Without Limits or Throttling	<1:9.0.106-1.amzn2023.0.1
H Authentication Bypass	<1:9.0.106-1.amzn2023.0.1
H Allocation of Resources Without Limits or Throttling	<1:9.0.106-1.amzn2023.0.1
M Improper Handling of Case Sensitivity	<1:9.0.105-1.amzn2023.0.1
H Improper Input Validation	<1:9.0.104-1.amzn2023.0.1
H Improper Neutralization	<1:9.0.104-1.amzn2023.0.1
H Path Equivalence	<1:9.0.102-1.amzn2023.0.1
H Resource Exhaustion	<1:9.0.98-1.amzn2023.0.1
H Time-of-check Time-of-use (TOCTOU)	<1:9.0.98-1.amzn2023.0.1
H Uncaught Exception	<1:9.0.98-1.amzn2023.0.1
H Time-of-check Time-of-use (TOCTOU)	<1:9.0.98-1.amzn2023.0.1
H Resource Exhaustion	<1:9.0.90-1.amzn2023.0.2
H Incomplete Cleanup	<1:9.0.87-1.amzn2023.0.2
H Improper Input Validation	<1:9.0.87-1.amzn2023.0.2
M HTTP Request Smuggling	<1:9.0.64-1.amzn2023.0.2
M HTTP Request Smuggling	<1:9.0.82-1.amzn2023.0.2
H Improper Input Validation	<1:9.0.82-1.amzn2023.0.1
H Incomplete Cleanup	<1:9.0.82-1.amzn2023.0.1
H Resource Exhaustion	<1:9.0.71-1.amzn2023.0.6
M Open Redirect	<1:9.0.71-1.amzn2023.0.5
H Off-by-one Error	<1:9.0.71-1.amzn2023.0.3
H Race Condition	<1:9.0.71-1.amzn2023.0.2
H Information Exposure	<1:9.0.71-1.amzn2023.0.2
H Arbitrary Code Injection	<1:9.0.71-1.amzn2023.0.2
H HTTP Request Smuggling	<1:9.0.71-1.amzn2023.0.1
M Time-of-check Time-of-use (TOCTOU)	<1:9.0.64-1.amzn2023.0.2

Vulnerability

Vulnerable Version

Incorrect Implementation of Authentication Algorithm

<1:9.0.117-1.amzn2023.0.1