Product Report: Apache Tomcat

ProductTomcat
VendorApache
Product CVE Table
Product CVE Counts by Year Graph

Product OWASP CVE Counts by Year Table
Title 2020 2019 2018 2017 2016 2014 2013 2012 2011 2010 2009 2008 2007 2005 2003 2002 2001
Broken Authentication 0 1 0 0 0 0 2 8 1 2 1 0 0 0 0 0 0
Cross Site Scripting (XSS) 0 1 0 1 0 0 0 0 1 2 1 2 9 2 2 0 0
Insecure Deserialization 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
Using Components with Known Vulnerabilities 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1
Insecure Encryption 0 0 0 0 0 0 0 1 0 0 0 0 1 0 0 0 0
Information Leakage 0 0 0 1 0 0 0 0 0 0 0 1 2 2 0 3 0
Unvalidated Redirect 0 0 1 1 2 0 0 0 0 0 0 0 0 1 0 0 0
Cross Site Request Forgery 0 0 0 0 1 0 1 1 0 0 0 0 1 0 0 0 0
Insufficient Logging and Monitoring 0 0 0 0 1 1 1 0 2 0 0 0 1 0 0 0 0
Cache Poisioning 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0
Path Traversal 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0
Sniffing 0 0 0 0 0 0 0 3 0 0 0 0 0 0 0 0 0
Spoofing 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0
Session Fixation 0 1 0 0 1 1 1 0 0 0 0 0 0 0 0 0 0
Session Hijacking 0 0 0 0 0 0 0 0 0 0 0 1 2 0 0 0 0
Product OWASP CVE Counts by Year Graph

Product Data Table

VersionCVE CountCvssV2 Base Score - AverageCvssV2 Exploitability Score - AverageBaseV2 Impact Score - AverageCvssV3 Base Score - AverageCvssV3 Exploitability Score - AverageBaseV3 Impact Score - AverageCVEs
*325.368.434.456.672.883.71
CVE-2000-1210, CVE-2001-0590, CVE-2002-0493, CVE-2005-4838, CVE-2007-0450,
CVE-2008-0128, CVE-2009-0783, CVE-2009-2696, CVE-2013-2185, CVE-2016-5388,
CVE-2017-15706, CVE-2018-11784, CVE-2018-1304, CVE-2018-1305, CVE-2018-1336,
CVE-2018-8014, CVE-2018-8034, CVE-2018-8037, CVE-2019-0199, CVE-2019-0221,
CVE-2019-0232, CVE-2019-10072, CVE-2019-12418, CVE-2019-17563, CVE-2019-17569,
CVE-2020-11996, CVE-2020-13934, CVE-2020-13935, CVE-2020-1935, CVE-2020-1938,
CVE-2020-8022, CVE-2020-9484
-27.203.9010.007.801.805.90
CVE-2016-5425, CVE-2016-6325
1.1.325.909.304.65N/AN/AN/A
CVE-2012-5568, CVE-2013-6357
3.0105.579.863.80N/AN/AN/A
CVE-2000-0672, CVE-2000-0760, CVE-2002-1148, CVE-2002-2006, CVE-2003-0042,
CVE-2003-0043, CVE-2003-0044, CVE-2003-0045, CVE-2005-0808, CVE-2009-3548
3.116.4010.004.90N/AN/AN/A
CVE-2000-0759
3.2.126.307.456.40N/AN/AN/A
CVE-2001-0829, CVE-2001-1563
3.2.315.0010.002.90N/AN/AN/A
CVE-2002-2007
3.344.488.952.90N/AN/AN/A
CVE-2002-1895, CVE-2007-3382, CVE-2007-3384, CVE-2007-3385
4.0.0114.527.983.58N/AN/AN/A
CVE-2002-1394, CVE-2002-2272, CVE-2003-0866, CVE-2006-7196, CVE-2007-1355,
CVE-2007-1358, CVE-2007-2449, CVE-2007-2450, CVE-2007-3383, CVE-2007-5461,
CVE-2008-5519
4.0.134.208.302.90N/AN/AN/A
CVE-2001-0917, CVE-2002-2009, CVE-2005-3164
4.0.355.5010.003.60N/AN/AN/A
CVE-2002-0682, CVE-2002-0935, CVE-2002-0936, CVE-2002-2008, CVE-2005-4703
4.1.084.889.133.34N/AN/AN/A
CVE-2002-1567, CVE-2008-1232, CVE-2008-2370, CVE-2008-3271, CVE-2008-5515,
CVE-2009-0033, CVE-2009-0580, CVE-2009-0781
4.1.1517.8010.006.90N/AN/AN/A
CVE-2005-4836
4.1.2414.308.602.90N/AN/AN/A
CVE-2005-2090
4.1.2812.604.902.90N/AN/AN/A
CVE-2007-1858
4.1.315.0010.002.90N/AN/AN/A
CVE-2007-5333
4.1.3114.308.602.90N/AN/AN/A
CVE-2007-4724
4.1.3212.604.902.90N/AN/AN/A
CVE-2008-4308
5.0.014.308.602.90N/AN/AN/A
CVE-2006-7195
5.0.2815.0010.002.90N/AN/AN/A
CVE-2006-3835
5.5.0174.568.433.34N/AN/AN/A
CVE-2005-3510, CVE-2007-3386, CVE-2009-2693, CVE-2009-2901, CVE-2009-2902,
CVE-2010-1157, CVE-2010-2227, CVE-2011-1184, CVE-2011-2204, CVE-2011-2526,
CVE-2011-5062, CVE-2011-5063, CVE-2011-5064, CVE-2012-0022, CVE-2012-5885,
CVE-2012-5886, CVE-2012-5887
5.5.1114.308.602.90N/AN/AN/A
CVE-2007-6286
5.5.1517.8010.006.90N/AN/AN/A
CVE-2006-7197
5.5.3215.0010.002.90N/AN/AN/A
CVE-2011-2729
5.5.3515.0010.002.90N/AN/AN/A
CVE-2011-4858
5.5.925.359.303.90N/AN/AN/A
CVE-2007-5342, CVE-2008-1947
614.308.602.90N/AN/AN/A
CVE-2014-0099
6.095.477.095.497.801.805.90
CVE-2010-4312, CVE-2012-2733, CVE-2012-3544, CVE-2012-3546, CVE-2012-4431,
CVE-2012-4534, CVE-2016-1240, CVE-2016-9774, CVE-2016-9775
6.0.0165.419.363.936.733.393.26
CVE-2008-2938, CVE-2014-0227, CVE-2014-0230, CVE-2014-7810, CVE-2015-5174,
CVE-2015-5345, CVE-2016-0706, CVE-2016-0714, CVE-2016-0762, CVE-2016-5018,
CVE-2016-6794, CVE-2016-6796, CVE-2016-6797, CVE-2016-6816, CVE-2016-8735,
CVE-2017-5647
6.0.1214.308.602.90N/AN/AN/A
CVE-2010-4172
6.0.2116.808.606.40N/AN/AN/A
CVE-2013-2067
6.0.3015.0010.002.90N/AN/AN/A
CVE-2011-3375
6.0.3314.308.602.90N/AN/AN/A
CVE-2014-0033
6.0.515.808.604.90N/AN/AN/A
CVE-2008-0002
7.016.808.606.408.102.205.90
CVE-2017-12615
7.0.0255.218.084.487.863.204.64
CVE-2010-3718, CVE-2011-0013, CVE-2011-0534, CVE-2011-1088, CVE-2011-1419,
CVE-2011-1475, CVE-2011-2481, CVE-2011-3190, CVE-2011-3376, CVE-2013-0346,
CVE-2013-2071, CVE-2013-4286, CVE-2013-4322, CVE-2013-4444, CVE-2014-0050,
CVE-2014-0075, CVE-2014-0096, CVE-2015-5346, CVE-2015-5351, CVE-2016-0763,
CVE-2016-8745, CVE-2017-12616, CVE-2017-12617, CVE-2017-5648, CVE-2017-5664
7.0.1115.808.604.90N/AN/AN/A
CVE-2011-1183
7.0.1214.308.602.90N/AN/AN/A
CVE-2011-1582
7.0.4114.308.602.904.302.801.40
CVE-2017-7674
8.0.034.539.072.90N/AN/AN/A
CVE-2013-4590, CVE-2014-0095, CVE-2014-0119
8.5.045.6310.003.788.073.904.18
CVE-2016-6817, CVE-2017-5650, CVE-2017-5651, CVE-2017-7675
8.5.715.0010.002.907.503.903.60
CVE-2016-8747
9.0.017.8010.006.907.503.903.60
CVE-2016-3092