Web Server

Apache Tomcat

The Apache Tomcat is an open-source Java Servlet Container developed by the Apache Software Foundation (ASF). Tomcat implements several Java EE specifications including Java Servlet JavaServer Pages (JSP) Java EL and WebSocket and provides a quotpure Javaquot HTTP web server environment in which Java code can run.

Official Site:

http://tomcat.apache.org/

Severity Summary:

Critical: 10 High: 64 Medium: 129 Low: 14

Reference

Title

Severity

CVE-2016-3092

Apache Tomcat Improper Input Validation Vulnerability

High

CVE-2016-1240

Apache Tomcat Improper Input Validation Vulnerability

High

CVE-2016-5388

Apache Tomcat Improper Access Control Vulnerability

High

CVE-2016-8747

Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

High

CVE-2016-9774

Apache Tomcat Improper Link Resolution Before File Access (Link Following) Vulnerability

High

CVE-2016-9775

Apache Tomcat Permissions Privileges and Access Controls Vulnerability

High

CVE-2015-5351

Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability

High

CVE-2016-8745

Apache Tomcat 7PK - Errors Vulnerability

High

CVE-2018-1336

Apache Tomcat Loop with Unreachable Exit Condition (Infinite Loop) Vulnerability

High

CVE-2020-11996

Apache Tomcat Uncontrolled Resource Consumption Vulnerability

High

CVE-2014-0230

Apache Tomcat Resource Management Errors Vulnerability

High

CVE-2020-9484

Apache Tomcat Deserialization of Untrusted Data Vulnerability

High

CVE-2019-17563

Apache Tomcat Session Fixation Vulnerability

High

CVE-2019-12418

Apache Tomcat Insufficiently Protected Credentials Vulnerability

High

CVE-2001-0590