Apache Tomcat vulnerabilities

5 known vulnerabilities affecting apache/apache_tomcat.

Total CVEs
5
CISA KEV
1
actively exploited
Public exploits
2
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH1MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2020-11996HIGHCVSS 7.5v10.0.0-M1 to 10.0.0-M5v9.0.0.M1 to 9.0.35+1 more2020-06-26
CVE-2020-11996 [HIGH] CVE-2020-11996: A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0. A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive.
cvelistv5nvd
CVE-2020-1938CRITICALCVSS 9.8KEVPoCvApache Tomcat 9.0.0.M1 to 9.0.0.30v8.5.0 to 8.5.50+1 more2020-02-24
CVE-2020-1938 [CRITICAL] CVE-2020-1938: When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8
cvelistv5nvd
CVE-2019-17569MEDIUMCVSS 4.8vApache Tomcat 9.0.28 to 9.0.30v8.5.48 to 8.5.50+1 more2020-02-24
CVE-2019-17569 [MEDIUM] CWE-444 CVE-2019-17569: The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 int The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the inval
cvelistv5nvd
CVE-2020-1935MEDIUMCVSS 4.8vApache Tomcat 9.0.0.M1 to 9.0.30v8.5.0 to 8.5.50+1 more2020-02-24
CVE-2020-1935 [MEDIUM] CWE-444 CVE-2020-1935: In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing cod In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encodi
cvelistv5nvd
CVE-2019-0221MEDIUMCVSS 6.1PoCvApache Tomcat 9.0.0.M1 to 9.0.0.17v8.5.0 to 8.5.39+1 more2019-05-28
CVE-2019-0221 [MEDIUM] CWE-79 CVE-2019-0221: The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a production website.
cvelistv5nvd