org.apache.tomcat:tomcat@10.0.17 vulnerabilities
-
latest version
10.1.20
-
latest non vulnerable version
-
first published
11 years ago
-
latest version published
a month ago
-
licenses detected
- [7.0.35,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.tomcat:tomcat package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.apache.tomcat:tomcat is an implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). The Form authentication example in the examples web application displayed user provided data without filtering, exposing a potential XSS vulnerability. Note: This is a vulnerability in How to fix Cross-site Scripting (XSS)? Upgrade |
[8.5.50,8.5.82)
[9.0.30,9.0.65)
[10.0.0-M1,10.0.23)
[10.1.0-M1,10.1.0-M17)
|