tomcat8 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the tomcat8 package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
HTTP Request Smuggling

<8.5.39-1ubuntu1~18.04.3+esm3
  • M
HTTP Request Smuggling

<8.5.39-1ubuntu1~18.04.3+esm1
  • H
CVE-2023-44487

<8.5.39-1ubuntu1~18.04.3+esm4
  • M
Missing Release of Resource after Effective Lifetime

*
  • M
Information Exposure

*
  • L
Improper Input Validation

*
  • M
Improper Locking

<8.5.39-1ubuntu1~18.04.3
  • L
Cross-site Scripting (XSS)

<8.5.39-1ubuntu1~18.04.3
  • M
Resource Exhaustion

<8.5.39-1ubuntu1~18.04.1
  • M
Open Redirect

<8.5.39-1ubuntu1~18.04.1
  • M
Race Condition

<8.5.39-1ubuntu1~18.04.1
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<8.5.39-1ubuntu1~18.04.1
  • L
Improper Certificate Validation

<8.5.39-1ubuntu1~18.04.1
  • L
Insecure Default Initialization of Resource

<8.5.30-1ubuntu1.2
  • M
Error Handling

<8.0.38-2ubuntu1
  • H
Improper Access Control

<8.0.38-2ubuntu1
  • M
Link Following

<8.0.38-2ubuntu1
  • M
Access Restriction Bypass

<8.0.38-2ubuntu1
  • M
Improper Input Validation

<8.0.38-2ubuntu1
  • M
Improper Input Validation

<8.0.36-2ubuntu1