tomcat8 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the tomcat8 package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Improper Input Validation	<8.5.39-1ubuntu1~18.04.3+esm5
M Incomplete Cleanup	<8.5.39-1ubuntu1~18.04.3+esm5
M Unprotected Transport of Credentials	<8.5.39-1ubuntu1~18.04.3+esm5
M Incomplete Cleanup	<8.5.39-1ubuntu1~18.04.3+esm5
M Information Exposure	<8.5.39-1ubuntu1~18.04.3+esm5
M CVE-2024-24549	<8.5.39-1ubuntu1~18.04.3+esm5
M HTTP Request Smuggling	<8.5.39-1ubuntu1~18.04.3+esm3
M HTTP Request Smuggling	<8.5.39-1ubuntu1~18.04.3+esm1
H CVE-2023-44487	<8.5.39-1ubuntu1~18.04.3+esm4
M Missing Release of Resource after Effective Lifetime	*
M Information Exposure	*
L Improper Input Validation	*
M Improper Locking	<8.5.39-1ubuntu1~18.04.3
L Cross-site Scripting (XSS)	<8.5.39-1ubuntu1~18.04.3
M Resource Exhaustion	<8.5.39-1ubuntu1~18.04.1
M Open Redirect	<8.5.39-1ubuntu1~18.04.1
M Race Condition	<8.5.39-1ubuntu1~18.04.1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<8.5.39-1ubuntu1~18.04.1
L Improper Certificate Validation	<8.5.39-1ubuntu1~18.04.1
L Insecure Default Initialization of Resource	<8.5.30-1ubuntu1.2
M Error Handling	<8.0.38-2ubuntu1
H Improper Access Control	<8.0.38-2ubuntu1
M Access Restriction Bypass	<8.0.38-2ubuntu1
M Link Following	<8.0.38-2ubuntu1
M Improper Input Validation	<8.0.38-2ubuntu1
M Improper Input Validation	<8.0.36-2ubuntu1