Product Report: Apache Tomcat

ProductTomcat
VendorApache
Product CVE Table
Product CVE Counts by Year Graph

Product OWASP CVE Counts by Year Table

Expand/Collpase

Title 2020 2019 2018 2017 2016 2014 2013 2012 2011 2010 2009 2008 2007 2005 2003 2002 2001
Broken Authentication 0 1 0 0 0 0 2 8 1 2 1 0 0 0 0 0 0
Cross Site Scripting (XSS) 0 1 0 1 0 0 0 0 1 2 1 2 9 2 2 0 0
Insecure Deserialization 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
Using Components with Known Vulnerabilities 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1
Insecure Encryption 0 0 0 0 0 0 0 1 0 0 0 0 1 0 0 0 0
Information Leakage 0 0 0 1 0 0 0 0 0 0 0 1 2 2 0 3 0
Unvalidated Redirect 0 0 1 1 2 0 0 0 0 0 0 0 0 1 0 0 0
Cross Site Request Forgery 0 0 0 0 1 0 1 1 0 0 0 0 1 0 0 0 0
Insufficient Logging and Monitoring 0 0 0 0 1 1 1 0 2 0 0 0 1 0 0 0 0
Cache Poisioning 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0
Path Traversal 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0
Sniffing 0 0 0 0 0 0 0 3 0 0 0 0 0 0 0 0 0
Spoofing 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0
Session Fixation 0 1 0 0 1 1 1 0 0 0 0 0 0 0 0 0 0
Session Hijacking 0 0 0 0 0 0 0 0 0 0 0 1 2 0 0 0 0
Product OWASP CVE Counts by Year Graph

Product Data Table

VersionCVE CountCvssV2 Base Score - AverageCvssV2 Exploitability Score - AverageBaseV2 Impact Score - AverageCvssV3 Base Score - AverageCvssV3 Exploitability Score - AverageBaseV3 Impact Score - AverageCVEs
*325.368.434.456.672.883.71
CVE-2000-1210, CVE-2001-0590, CVE-2002-0493, CVE-2005-4838, CVE-2007-0450,
CVE-2008-0128, CVE-2009-0783, CVE-2009-2696, CVE-2013-2185, CVE-2016-5388,
CVE-2017-15706, CVE-2018-11784, CVE-2018-1304, CVE-2018-1305, CVE-2018-1336,
CVE-2018-8014, CVE-2018-8034, CVE-2018-8037, CVE-2019-0199, CVE-2019-0221,
CVE-2019-0232, CVE-2019-10072, CVE-2019-12418, CVE-2019-17563, CVE-2019-17569,
CVE-2020-11996, CVE-2020-13934, CVE-2020-13935, CVE-2020-1935, CVE-2020-1938,
CVE-2020-8022, CVE-2020-9484
-27.203.9010.007.801.805.90
CVE-2016-5425, CVE-2016-6325
1.1.325.909.304.65N/AN/AN/A
CVE-2012-5568, CVE-2013-6357
3.0105.579.863.80N/AN/AN/A
CVE-2000-0672, CVE-2000-0760, CVE-2002-1148, CVE-2002-2006, CVE-2003-0042,
CVE-2003-0043, CVE-2003-0044, CVE-2003-0045, CVE-2005-0808, CVE-2009-3548
3.116.4010.004.90N/AN/AN/A
CVE-2000-0759
3.2.126.307.456.40N/AN/AN/A
CVE-2001-0829, CVE-2001-1563
3.2.315.0010.002.90N/AN/AN/A
CVE-2002-2007
3.344.488.952.90N/AN/AN/A
CVE-2002-1895, CVE-2007-3382, CVE-2007-3384, CVE-2007-3385
4.0.0114.527.983.58N/AN/AN/A
CVE-2002-1394, CVE-2002-2272, CVE-2003-0866, CVE-2006-7196, CVE-2007-1355,
CVE-2007-1358, CVE-2007-2449, CVE-2007-2450, CVE-2007-3383, CVE-2007-5461,
CVE-2008-5519
4.0.134.208.302.90N/AN/AN/A
CVE-2001-0917, CVE-2002-2009, CVE-2005-3164
4.0.355.5010.003.60N/AN/AN/A
CVE-2002-0682, CVE-2002-0935, CVE-2002-0936, CVE-2002-2008, CVE-2005-4703
4.1.084.889.133.34N/AN/AN/A
CVE-2002-1567, CVE-2008-1232, CVE-2008-2370, CVE-2008-3271, CVE-2008-5515,
CVE-2009-0033, CVE-2009-0580, CVE-2009-0781
4.1.1517.8010.006.90N/AN/AN/A
CVE-2005-4836
4.1.2414.308.602.90N/AN/AN/A
CVE-2005-2090
4.1.2812.604.902.90N/AN/AN/A
CVE-2007-1858
4.1.315.0010.002.90N/AN/AN/A
CVE-2007-5333
4.1.3114.308.602.90N/AN/AN/A
CVE-2007-4724
4.1.3212.604.902.90N/AN/AN/A
CVE-2008-4308
5.0.014.308.602.90N/AN/AN/A
CVE-2006-7195
5.0.2815.0010.002.90N/AN/AN/A
CVE-2006-3835
5.5.0174.568.433.34N/AN/AN/A
CVE-2005-3510, CVE-2007-3386, CVE-2009-2693, CVE-2009-2901, CVE-2009-2902,
CVE-2010-1157, CVE-2010-2227, CVE-2011-1184, CVE-2011-2204, CVE-2011-2526,
CVE-2011-5062, CVE-2011-5063, CVE-2011-5064, CVE-2012-0022, CVE-2012-5885,
CVE-2012-5886, CVE-2012-5887
5.5.1114.308.602.90N/AN/AN/A
CVE-2007-6286
5.5.1517.8010.006.90N/AN/AN/A
CVE-2006-7197
5.5.3215.0010.002.90N/AN/AN/A
CVE-2011-2729
5.5.3515.0010.002.90N/AN/AN/A
CVE-2011-4858
5.5.925.359.303.90N/AN/AN/A
CVE-2007-5342, CVE-2008-1947
614.308.602.90N/AN/AN/A
CVE-2014-0099
6.095.477.095.497.801.805.90
CVE-2010-4312, CVE-2012-2733, CVE-2012-3544, CVE-2012-3546, CVE-2012-4431,
CVE-2012-4534, CVE-2016-1240, CVE-2016-9774, CVE-2016-9775
6.0.0165.419.363.936.733.393.26
CVE-2008-2938, CVE-2014-0227, CVE-2014-0230, CVE-2014-7810, CVE-2015-5174,
CVE-2015-5345, CVE-2016-0706, CVE-2016-0714, CVE-2016-0762, CVE-2016-5018,
CVE-2016-6794, CVE-2016-6796, CVE-2016-6797, CVE-2016-6816, CVE-2016-8735,
CVE-2017-5647
6.0.1214.308.602.90N/AN/AN/A
CVE-2010-4172
6.0.2116.808.606.40N/AN/AN/A
CVE-2013-2067
6.0.3015.0010.002.90N/AN/AN/A
CVE-2011-3375
6.0.3314.308.602.90N/AN/AN/A
CVE-2014-0033
6.0.515.808.604.90N/AN/AN/A
CVE-2008-0002
7.016.808.606.408.102.205.90
CVE-2017-12615
7.0.0255.218.084.487.863.204.64
CVE-2010-3718, CVE-2011-0013, CVE-2011-0534, CVE-2011-1088, CVE-2011-1419,
CVE-2011-1475, CVE-2011-2481, CVE-2011-3190, CVE-2011-3376, CVE-2013-0346,
CVE-2013-2071, CVE-2013-4286, CVE-2013-4322, CVE-2013-4444, CVE-2014-0050,
CVE-2014-0075, CVE-2014-0096, CVE-2015-5346, CVE-2015-5351, CVE-2016-0763,
CVE-2016-8745, CVE-2017-12616, CVE-2017-12617, CVE-2017-5648, CVE-2017-5664
7.0.1115.808.604.90N/AN/AN/A
CVE-2011-1183
7.0.1214.308.602.90N/AN/AN/A
CVE-2011-1582
7.0.4114.308.602.904.302.801.40
CVE-2017-7674
8.0.034.539.072.90N/AN/AN/A
CVE-2013-4590, CVE-2014-0095, CVE-2014-0119
8.5.045.6310.003.788.073.904.18
CVE-2016-6817, CVE-2017-5650, CVE-2017-5651, CVE-2017-7675
8.5.715.0010.002.907.503.903.60
CVE-2016-8747
9.0.017.8010.006.907.503.903.60
CVE-2016-3092