<p>Upgrade <code>org.apache.tomcat:catalina</code> to version 6.0.39 or higher.</p>

Frame injection Affecting org.apache.tomcat:catalina package, versions [6.0.0,6.0.39)

Snyk CVSS

Attack Complexity High

Threat Intelligence

EPSS 90.44% (99^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-JAVA-ORGAPACHETOMCAT-467247
published 20 Aug 2019
disclosed 18 Jun 2013
credit Unknown

Report a new vulnerability Found a mistake?

Introduced: 18 Jun 2013

CVE-2013-1571 Open this link in a new tab CWE-1021 Open this link in a new tab

How to fix?

Upgrade org.apache.tomcat:catalina to version 6.0.39 or higher.

Overview

org.apache.tomcat:catalina is a Servlet Engine Core Classes and Standard implementations.

Affected versions of this package are vulnerable to Frame injection. Tomcat 6 is built with Java 5 which is known to generate Javadoc with a frame injection vulnerability.

References

Apache Tomcat 6 Advisory Details
CVE Details
GitHub Commit