org.apache.tomcat:catalina

Licenses: Apache-2.0

Published: 19 years ago Last updated: 9 years ago Latest version: 6.0.53

License

Apache-2.0[0,);

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the org.apache.tomcat:catalina package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
C Improper Authentication	[,9.0.118)[10.0.0-M1,10.1.55)[11.0.0-M1,11.0.22)
M Improper Handling of Case Sensitivity	[,9.0.118)[10.0.0-M1,10.1.55)[11.0.0-M1,11.0.22)
M Improper Authorization	[,9.0.118)[10.0.0-M1,10.1.55)[11.0.0-M1,11.0.22)
M Improper Resource Shutdown or Release	[0,)
H Information Exposure	[6.0.13,6.0.20)
M Cross-site Scripting (XSS)	[,6.0.19)
H Directory Traversal	[6.0.0,6.0.24)
H Information Exposure	[6.0.13,6.0.16)
M Information Exposure	[6.0.0,6.0.20)
H Information Exposure	[6.0.13,6.0.20)
H Authentication Bypass	[,6.0.24)
L Frame injection	[6.0.0,6.0.39)
H Arbitrary Code Execution	[0,)
H Access Restriction Bypass	[6.0.13,6.0.47)
M Timing Attack	[6,6.0.45]
M Directory Traversal	[6,6.0.45)
M Information Exposure	[6,6.0.45)
H Arbitrary Code Execution	[6,6.0.45)
M Directory Traversal	[6,6.0.45)
M Cross-site Scripting (XSS)	[6,6.0.29]
M Access Restriction Bypass	[6.0.0,6.0.33)
M Information Exposure	[6.0.30,6.0.33]
M Denial of Service (DoS)	[6,6.0.35)
M Improper Authentication	[6,6.0.33)
M Improper Input Validation	[6,6.0.33)
H Denial of Service (DoS)	[6,6.0.44)
L Directory Traversal	[6.0.13,6.0.53)
L Information Exposure	[6.0.0,6.0.27)
L Information Exposure	[6,6.0.33)
M Arbitrary File Read	[6,6.0.40)
M Arbitrary File Read	[6,6.0.40)
M Cross-site Request Forgery (CSRF)	[6,6.0.36)
M Denial of Service (DoS)	[6,6.0.34)
M Access Restriction Bypass	[6,6.0.36)
M Access Restriction Bypass	[6,6.0.36)
M Improper Authentication	[6,6.0.36)
M Improper Authentication	[6.0.0,6.0.36)
M Improper Authentication	[6.0.21,6.0.36]
M Information Exposure	[6,6.0.39)
M Improper Input Validation	[6.0.33,6.0.38)
M Cross-site Scripting (XSS)	[6.0.12,6.0.29]
M Access Restriction Bypass	[6,6.0.33)
M Cryptographic Issues	[6,6.0.33)

Package versions

24 VERSIONS IN TOTAL See all versions

version	published	direct vulnerabilities
6.0.53	2 Apr, 2017	1 C 1 H 3 M 0 L
6.0.51	9 Mar, 2017	1 C 1 H 3 M 1 L
6.0.48	7 Nov, 2016	1 C 1 H 3 M 1 L
6.0.47	13 Oct, 2016	1 C 1 H 3 M 1 L
6.0.45	1 Feb, 2016	1 C 2 H 4 M 1 L
6.0.44	8 May, 2015	1 C 3 H 7 M 1 L
6.0.43	14 Nov, 2014	1 C 4 H 7 M 1 L
6.0.41	19 May, 2014	1 C 4 H 7 M 1 L
6.0.39	27 Jan, 2014	1 C 4 H 9 M 1 L
6.0.37	29 Apr, 2013	1 C 4 H 11 M 2 L