Information on source package tomcat9

Available versions

ReleaseVersion
buster9.0.16-4
bullseye9.0.24-1
sid9.0.24-1

Open issues

BugbusterbullseyesidDescription
CVE-2019-10072vulnerablefixedfixedThe fix for CVE-2019-0199 was incomplete and did not address HTTP/2 co ...

Resolved issues

BugDescription
CVE-2019-0232When running on Windows with enableCmdLineArguments enabled, the CGI S ...
CVE-2019-0221The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 ...
CVE-2019-0199The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5. ...
CVE-2018-8037If an async request was completed by the application at the same time ...
CVE-2018-8034The host name verification when using TLS with the WebSocket client wa ...
CVE-2018-8014The defaults settings for the CORS filter provided in Apache Tomcat 9. ...
CVE-2018-1336An improper handing of overflow in the UTF-8 decoder with supplementar ...
CVE-2018-1305Security constraints defined by annotations of Servlets in Apache Tomc ...
CVE-2018-1304The URL pattern of "" (the empty string) which exactly maps to the con ...
CVE-2018-11784When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, ...
CVE-2017-7675The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M21 and 8 ...
CVE-2017-7674The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.1 ...
CVE-2017-5664The error page mechanism of the Java Servlet Specification requires th ...
CVE-2017-5651In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refact ...
CVE-2017-5650In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the handli ...
CVE-2017-5648While investigating bug 60718, it was noticed that some calls to appli ...
CVE-2017-5647A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0 ...
CVE-2017-15706As part of the fix for bug 61201, the documentation for Apache Tomcat ...
CVE-2016-8745A bug in the error handling of the send file code for the NIO HTTP con ...
CVE-2016-8735Remote code execution is possible with Apache Tomcat before 6.0.48, 7. ...
CVE-2016-6817The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and 8. ...
CVE-2016-6816The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0 ...
CVE-2016-5388Apache Tomcat 7.x through 7.0.70 and 8.x through 8.5.4, when the CGI S ...
CVE-2016-3092The MultipartStream class in Apache Commons Fileupload before 1.3.2, a ...
CVE-2016-0763The setGlobalContext method in org/apache/naming/factory/ResourceLinkF ...
CVE-2016-0714The session-persistence implementation in Apache Tomcat 6.x before 6.0 ...
CVE-2016-0706Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, ...
CVE-2015-5351The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x ...
CVE-2015-5346Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x ...
CVE-2015-5345The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7. ...

Search for package or bug name: Reporting problems