org.apache.tomcat.embed:tomcat-embed-core@11.0.0-M22 vulnerabilities
-
latest version
11.0.0
-
latest non vulnerable version
-
first published
14 years ago
-
latest version published
2 months ago
-
licenses detected
- [0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.tomcat.embed:tomcat-embed-core package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Uncaught Exception due to the custom Jakarta Authentication Note: This is only exploitable if Tomcat is configured to use a custom Jakarta Authentication
How to fix Uncaught Exception? Upgrade |
[9.0.0.M1,9.0.96)
[10.1.0-M1,10.1.31)
[11.0.0-M1,11.0.0)
|
org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Denial of Service (DoS) due to an incomplete fix for CVE-2023-24998. If non-default HTTP connector settings were used such that the How to fix Denial of Service (DoS)? Upgrade |
[8.5.85,8.5.88)
[9.0.71,9.0.74)
[10.1.5,10.1.8)
[11.0.0-M2,11.0.0-M5)
|
org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Unprotected Transport of Credentials when using the How to fix Unprotected Transport of Credentials? Upgrade |
[8.5.0,8.5.86)
[9.0.0-M1,9.0.72)
[10.1.0-M1,10.1.6)
[11.0.0-M1,11.0.0-M3)
|
org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Denial of Service (DoS) when an attacker sends a large number of request parts in a series of uploads or a single multipart upload. NOTE: After upgrading to the fixed version, the How to fix Denial of Service (DoS)? Upgrade |
[8.5.0,8.5.85)
[9.0.0-M1,9.0.71)
[10.1.0-M1,10.1.5)
[11.0.0-M1,11.0.0-M3)
|