org.apache.tomcat:tomcat-jasper@7.0.62 vulnerabilities
-
latest version
11.0.1
-
latest non vulnerable version
-
first published
14 years ago
-
latest version published
19 days ago
-
licenses detected
- [0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.tomcat:tomcat-jasper package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.apache.tomcat:tomcat-jasper is a Tomcats JSP Parser Affected versions of this package are vulnerable to Access Restriction Bypass. It was discovered that a malicious web application could bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet. How to fix Access Restriction Bypass? Upgrade |
[7.0.0,7.0.72)
[8,8.0.37)
[8.5.0,8.5.5)
[9-alpha,9.0.0.M10)
|
org.apache.tomcat:tomcat-jasper is a Tomcats JSP Parser Affected versions of this package are vulnerable to Access Restriction Bypass. It was discovered that a malicious web application could bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications. How to fix Access Restriction Bypass? Upgrade |
[7.0.0,7.0.72)
[8,8.0.37)
[8.5.0,8.5.5)
[9-alpha,9.0.0.M10)
|