Homepage

tomcat-lib

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the tomcat-lib package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • M
Incorrect Implementation of Authentication Algorithm

*
  • L
External Control of System or Configuration Setting

*
  • H
Reliance on Untrusted Inputs in a Security Decision

*
  • L
Inappropriate Encoding for Output Context

*
  • M
Incomplete Blacklist

*
  • H
Use of a Risky Cryptographic Primitive

*
  • L
File and Directory Information Exposure

*
  • L
Open Redirect

*
  • M
Incorrect Implementation of Authentication Algorithm

*
  • L
HTTP Request Smuggling

*
  • L
Improper Input Validation

*
  • H
Improper Certificate Validation

*
  • M
Improper Validation of Unsafe Equivalence in Input

*
  • H
Directory Traversal

<1:9.0.87-6.el9_7.1
  • M
Improper Resource Shutdown or Release

*
  • M
Improper Neutralization

*
  • M
Session Fixation

*
  • H
Resource Exhaustion

<1:9.0.87-3.el9_6.3
  • H
Integer Overflow or Wraparound

<1:9.0.87-3.el9_6.3
  • H
Race Condition

<1:9.0.87-3.el9_6.3
  • H
Resource Exhaustion

<1:9.0.87-3.el9_6.3
  • H
Allocation of Resources Without Limits or Throttling

<1:9.0.87-3.el9_6.3
  • H
Allocation of Resources Without Limits or Throttling

<1:9.0.87-3.el9_6.3
  • H
Authentication Bypass

<1:9.0.87-3.el9_6.3
  • H
Time-of-check Time-of-use (TOCTOU)

<1:9.0.87-3.el9_6.1
  • M
Improper Handling of Case Sensitivity

*
  • H
Improper Input Validation

<1:9.0.87-3.el9_6.1
  • H
Improper Neutralization

<1:9.0.87-6.el9_7.1
  • M
Path Equivalence

<1:9.0.87-2.el9_5.1
  • L
Resource Exhaustion

*
  • M
Time-of-check Time-of-use (TOCTOU)

<1:9.0.87-2.el9_5.1
  • L
Uncaught Exception

*
  • H
Resource Exhaustion

<1:9.0.87-1.el9_4.2
  • H
Resource Exhaustion

<1:9.0.87-1.el9_4.2
  • H
Incomplete Cleanup

<1:9.0.87-1.el9_4.1
  • H
Improper Input Validation

<1:9.0.87-1.el9_4.1
  • H
HTTP Request Smuggling

<1:9.0.62-37.el9_3.2
  • M
Incomplete Cleanup

<1:9.0.62-37.el9_3.1
  • M
Incomplete Cleanup

<1:9.0.62-37.el9_3.1
  • M
Improper Input Validation

<1:9.0.62-37.el9_3.1
  • H
Resource Exhaustion

<1:9.0.62-11.el9_2.3
  • M
Open Redirect

<1:9.0.62-37.el9_3.1
  • M
Off-by-one Error

<1:9.0.62-37.el9_3
  • M
Information Exposure

<1:9.0.62-37.el9_3
  • M
Allocation of Resources Without Limits or Throttling

<1:9.0.62-37.el9_3
  • L
Arbitrary Code Injection

*