org.apache.tomcat:jasper@6.0.45 vulnerabilities
-
latest version
6.0.53
-
latest non vulnerable version
-
first published
17 years ago
-
latest version published
7 years ago
-
licenses detected
- [0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.tomcat:jasper package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.apache.tomcat:jasper is a maven plugin for Tomcats JSP Parser. Affected versions of this package are vulnerable to Access Restriction Bypass. It was discovered that a malicious web application could bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet. How to fix Access Restriction Bypass? Upgrade |
[6.0.13,6.0.47)
|
org.apache.tomcat:jasper is a maven plugin for Tomcats JSP Parser. Affected versions of this package are vulnerable to Access Restriction Bypass. It was discovered that a malicious web application could bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications. How to fix Access Restriction Bypass? Upgrade |
[6.0.13,6.0.47)
|