org.apache.tomcat:tomcat-catalina@7.0.90 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the org.apache.tomcat:tomcat-catalina package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Improper Input Validation

org.apache.tomcat:tomcat-catalina is a Tomcat Servlet Engine Core Classes and Standard implementations.

Affected versions of this package are vulnerable to Improper Input Validation. Queries made by the JNDI Realm did not always correctly escape parameters. Parameter values could be sourced from user provided data (e.g., user names) as well as configuration data provided by an administrator. In limited circumstances it was possible for users to authenticate using variations of their user name and/or to bypass some of the protection provided by the LockOut Realm.

How to fix Improper Input Validation?

Upgrade org.apache.tomcat:tomcat-catalina to version 10.0.6, 9.0.46, 8.5.66, 7.0.109 or higher.

[10.0.0-M1,10.0.6) [9.0.0.M1,9.0.46) [8.5.0,8.5.66) [7.0.0,7.0.109)
  • H
Remote Code Execution (RCE)

org.apache.tomcat:tomcat-catalina is a Tomcat Servlet Engine Core Classes and Standard implementations.

Affected versions of this package are vulnerable to Remote Code Execution (RCE). The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.

How to fix Remote Code Execution (RCE)?

Upgrade org.apache.tomcat:tomcat-catalina to version 10.0.2, 9.0.43, 8.5.63, 7.0.108 or higher.

[10.0.0-M1,10.0.2) [9.0.0.M1,9.0.43) [8.5.0,8.5.63) [7.0.0,7.0.108)
  • M
Information Disclosure

org.apache.tomcat:tomcat-catalina is a Tomcat Servlet Engine Core Classes and Standard implementations.

Affected versions of this package are vulnerable to Information Disclosure. When serving resources from a network location using the NTFS file system, affected versions were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances.

How to fix Information Disclosure?

Upgrade org.apache.tomcat:tomcat-catalina to version 10.0.0-M10, 9.0.40, 8.5.60, 7.0.107 or higher.

[10.0.0-M1,10.0.0-M10) [9.0.0.M1,9.0.40) [8.5.0,8.5.60) [7.0.0,7.0.107)
  • H
Remote Code Execution (RCE)

org.apache.tomcat:tomcat-catalina is a Tomcat Servlet Engine Core Classes and Standard implementations.

Affected versions of this package are vulnerable to Remote Code Execution (RCE). If an attacker is able to control the contents and name of a file on the server; and the server is configured to use the PersistenceManager with a FileStore; and the PersistenceManager is configured with sessionAttributeValueClassNameFilter="null" (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control.

How to fix Remote Code Execution (RCE)?

Upgrade org.apache.tomcat:tomcat-catalina to version 10.0.0-M5, 9.0.35, 8.5.55, 7.0.104 or higher.

[10.0.0-M1,10.0.0-M5) [9.0.0M1,9.0.35) [8.5.0,8.5.55) [7.0.0,7.0.104)
  • L
Session Fixation

org.apache.tomcat:tomcat-catalina is a Tomcat Servlet Engine Core Classes and Standard implementations.

Affected versions of this package are vulnerable to Session Fixation. When using FORM authentication there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, this issue has been treated as a security vulnerability.

How to fix Session Fixation?

Upgrade org.apache.tomcat:tomcat-catalina to version 9.0.30, 8.5.50, 7.0.99 or higher.

[9.0.0.M1,9.0.30) [8.5.0,8.5.50) [,7.0.99)
  • L
Cross-site Scripting (XSS)

org.apache.tomcat:tomcat-catalina is a Tomcat Servlet Engine Core Classes and Standard implementations.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the SSI printenv command.

Note: Server Side Includes (SSI) is disabled by default and is intended for debugging purposes only.

How to fix Cross-site Scripting (XSS)?

Upgrade org.apache.tomcat:tomcat-catalina to version 9.0.18, 8.5.40, 7.0.94 or higher.

[9.0.0.M1,9.0.18) [8.5.0,8.5.40) [7.0.0,7.0.94)
  • H
Remote Code Execution

org.apache.tomcat:tomcat-catalina is a Tomcat Servlet Engine Core Classes and Standard implementations.

Affected versions of this package are vulnerable to Remote Code Execution due to a bug in the way the underlying Java Runtime Environment (JRE) passes command line arguments to windows systems when the option enableCmdLineArguments is enabled.

The CGI Servlet in Apache Tomcat when enabled, will pass user input to the underlying operating system for command line parsing. However, this process is not consistent and may allow the injection of additional arguments. This misconfiguration could be abused by attackers to execute code on an application's underlying operating system.

How to fix Remote Code Execution?

Upgrade org.apache.tomcat:tomcat-catalina to version 7.0.94, 8.5.40, 9.0.18 or higher.

[7.0.0,7.0.94) [8.5.0,8.5.40) [9.0.0.M1,9.0.18)
  • M
Open Redirect

org.apache.tomcat:tomcat-catalina is a Tomcat Servlet Engine Core Classes and Standard implementations.

Affected versions of this package are vulnerable to Open Redirect. When the default servlet returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice.

How to fix Open Redirect?

Upgrade org.apache.tomcat:tomcat-catalina to version 7.0.91, 8.5.34, 9.0.12 or higher.

[7.0.23,7.0.91) [8.5.0,8.5.34) [9.0.0,9.0.12)