tomcat-embed-core-8.5.34.jar: 27 vulnerabilities (highest severity is: 8.1) - autoclosed

Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/8.5.34/tomcat-embed-core-8.5.34.jar,/home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/8.5.34/tomcat-embed-core-8.5.34.jar,/home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/8.5.34/tomcat-embed-core-8.5.34.jar,/home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/8.5.34/tomcat-embed-core-8.5.34.jar,/tools/nibrs-route/target/nibrs-route-1.0.0/WEB-INF/lib/tomcat-embed-core-8.5.34.jar,/home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/8.5.34/tomcat-embed-core-8.5.34.jar

Vulnerabilities

CVE	Severity	CVSS	Dependency	Type	Fixed in (tomcat-embed-core version)	Remediation Possible**
CVE-2019-0232	High	8.1	tomcat-embed-core-8.5.34.jar	Direct	8.5.40	✅
CVE-2024-24549	High	7.5	tomcat-embed-core-8.5.34.jar	Direct	8.5.99	✅
CVE-2023-46589	High	7.5	tomcat-embed-core-8.5.34.jar	Direct	8.5.96	✅
CVE-2023-44487	High	7.5	tomcat-embed-core-8.5.34.jar	Direct	org.eclipse.jetty.http2:http2-server:9.4.53.v20231009,10.0.17,11.0.17, org.eclipse.jetty.http2:jetty-http2-server:12.0.2, org.eclipse.jetty.http2:http2-common:9.4.53.v20231009,10.0.17,11.0.17, org.eclipse.jetty.http2:jetty-http2-common:12.0.2, nghttp - v1.57.0, swift-nio-http2 - 1.28.0, io.netty:netty-codec-http2:4.1.100.Final, trafficserver - 9.2.3, org.apache.tomcat:tomcat-coyote:8.5.94,9.0.81,10.1.14, org.apache.tomcat.embed:tomcat-embed-core:8.5.94,9.0.81,10.1.14, Microsoft.AspNetCore.App - 6.0.23,7.0.12, contour - v1.26.1, proxygen - v2023.10.16.00, grpc-go - v1.56.3,v1.57.1,v1.58.3, kubernetes/kubernetes - v1.25.15,v1.26.10,v1.27.7,v1.28.3,v1.29.0, kubernetes/apimachinery - v0.25.15,v0.26.10,v0.27.7,v0.28.3,v0.29.0, kubernetes/apiserver- v0.25.15,v0.26.10,v0.27.7,v0.28.3,v0.29.0	✅
CVE-2023-24998	High	7.5	tomcat-embed-core-8.5.34.jar	Direct	8.5.85	✅
CVE-2022-42252	High	7.5	tomcat-embed-core-8.5.34.jar	Direct	org.apache.tomcat:tomcat:8.5.83,9.0.68,10.0.27,10.1.1	✅
CVE-2021-41079	High	7.5	tomcat-embed-core-8.5.34.jar	Direct	8.5.64	✅
CVE-2021-25122	High	7.5	tomcat-embed-core-8.5.34.jar	Direct	8.5.63	✅
CVE-2020-17527	High	7.5	tomcat-embed-core-8.5.34.jar	Direct	8.5.60	✅
CVE-2020-13934	High	7.5	tomcat-embed-core-8.5.34.jar	Direct	8.5.57	✅
CVE-2019-17563	High	7.5	tomcat-embed-core-8.5.34.jar	Direct	8.5.50	✅
CVE-2019-10072	High	7.5	tomcat-embed-core-8.5.34.jar	Direct	8.5.41	✅
CVE-2019-0199	High	7.5	tomcat-embed-core-8.5.34.jar	Direct	8.5.38	✅
CVE-2021-25329	High	7.0	tomcat-embed-core-8.5.34.jar	Direct	8.5.63	✅
CVE-2020-9484	High	7.0	tomcat-embed-core-8.5.34.jar	Direct	8.5.55	✅
CVE-2021-30640	Medium	6.5	tomcat-embed-core-8.5.34.jar	Direct	8.5.66	✅
CVE-2023-41080	Medium	6.1	tomcat-embed-core-8.5.34.jar	Direct	8.5.93	✅
CVE-2019-0221	Medium	6.1	tomcat-embed-core-8.5.34.jar	Direct	8.5.40	✅
CVE-2021-24122	Medium	5.9	tomcat-embed-core-8.5.34.jar	Direct	8.5.60	✅
CVE-2024-21733	Medium	5.3	tomcat-embed-core-8.5.34.jar	Direct	8.5.64	✅
CVE-2023-45648	Medium	5.3	tomcat-embed-core-8.5.34.jar	Direct	8.5.94	✅
CVE-2023-42795	Medium	5.3	tomcat-embed-core-8.5.34.jar	Direct	8.5.94	✅
CVE-2021-33037	Medium	5.3	tomcat-embed-core-8.5.34.jar	Direct	8.5.68	✅
CVE-2020-1935	Medium	4.8	tomcat-embed-core-8.5.34.jar	Direct	8.5.51	✅
CVE-2023-28708	Medium	4.3	tomcat-embed-core-8.5.34.jar	Direct	8.5.86	✅
CVE-2020-13943	Medium	4.3	tomcat-embed-core-8.5.34.jar	Direct	8.5.58	✅
CVE-2021-43980	Low	3.7	tomcat-embed-core-8.5.34.jar	Direct	8.5.78	✅

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

Partial details (20 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the Mend Application.

CVE-2019-0232

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The CGI Servlet is disabled by default. The CGI option enableCmdLineArguments is disable by default in Tomcat 9.0.x (and will be disabled by default in all versions in response to this vulnerability). For a detailed explanation of the JRE behaviour, see Markus Wulftange's blog (https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html) and this archived MSDN blog (https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/).

Publish Date: 2019-04-15

URL: CVE-2019-0232

### CVSS 3 Score Details (8.1)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0232

Release Date: 2019-04-15

Fix Resolution: 8.5.40

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

CVE-2024-24549

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.

Publish Date: 2024-03-13

URL: CVE-2024-24549

### CVSS 3 Score Details (7.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg

Release Date: 2024-03-13

Fix Resolution: 8.5.99

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

CVE-2023-46589

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M11 onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue.

Publish Date: 2023-11-28

URL: CVE-2023-46589

### CVSS 3 Score Details (7.5)

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://tomcat.apache.org/security-11.html

Release Date: 2023-11-28

Fix Resolution: 8.5.96

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

CVE-2023-44487

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

Publish Date: 2023-10-10

URL: CVE-2023-44487

### CVSS 3 Score Details (7.5)

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://www.cve.org/CVERecord?id=CVE-2023-44487

Release Date: 2023-10-10

Fix Resolution: org.eclipse.jetty.http2:http2-server:9.4.53.v20231009,10.0.17,11.0.17, org.eclipse.jetty.http2:jetty-http2-server:12.0.2, org.eclipse.jetty.http2:http2-common:9.4.53.v20231009,10.0.17,11.0.17, org.eclipse.jetty.http2:jetty-http2-common:12.0.2, nghttp - v1.57.0, swift-nio-http2 - 1.28.0, io.netty:netty-codec-http2:4.1.100.Final, trafficserver - 9.2.3, org.apache.tomcat:tomcat-coyote:8.5.94,9.0.81,10.1.14, org.apache.tomcat.embed:tomcat-embed-core:8.5.94,9.0.81,10.1.14, Microsoft.AspNetCore.App - 6.0.23,7.0.12, contour - v1.26.1, proxygen - v2023.10.16.00, grpc-go - v1.56.3,v1.57.1,v1.58.3, kubernetes/kubernetes - v1.25.15,v1.26.10,v1.27.7,v1.28.3,v1.29.0, kubernetes/apimachinery - v0.25.15,v0.26.10,v0.27.7,v0.28.3,v0.29.0, kubernetes/apiserver- v0.25.15,v0.26.10,v0.27.7,v0.28.3,v0.29.0

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

CVE-2023-24998

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configuration option (FileUploadBase#setFileCountMax) is not enabled by default and must be explicitly configured.

Publish Date: 2023-02-20

URL: CVE-2023-24998

### CVSS 3 Score Details (7.5)

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://tomcat.apache.org/security-10.html

Release Date: 2023-02-20

Fix Resolution: 8.5.85

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

CVE-2022-42252

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0 was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to false (the default for 8.5.x only), Tomcat did not reject a request containing an invalid Content-Length header making a request smuggling attack possible if Tomcat was located behind a reverse proxy that also failed to reject the request with the invalid header.

Publish Date: 2022-11-01

URL: CVE-2022-42252

### CVSS 3 Score Details (7.5)

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://github.com/advisories/GHSA-p22x-g9px-3945

Release Date: 2022-11-01

Fix Resolution: org.apache.tomcat:tomcat:8.5.83,9.0.68,10.0.27,10.1.1

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

CVE-2021-41079

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.

Publish Date: 2021-09-16

URL: CVE-2021-41079

### CVSS 3 Score Details (7.5)

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://tomcat.apache.org/security-10.html

Release Date: 2021-09-16

Fix Resolution: 8.5.64

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

CVE-2021-25122

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request.

Publish Date: 2021-03-01

URL: CVE-2021-25122

### CVSS 3 Score Details (7.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7%40%3Cannounce.tomcat.apache.org%3E

Release Date: 2021-03-01

Fix Resolution: 8.5.63

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

CVE-2020-17527

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests.

Publish Date: 2020-12-03

URL: CVE-2020-17527

### CVSS 3 Score Details (7.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://lists.apache.org/thread/0nl7j4lr5j6jvwh45d2lhtjysqvnwnqx

Release Date: 2020-12-03

Fix Resolution: 8.5.60

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

CVE-2020-13934

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service.

Publish Date: 2020-07-14

URL: CVE-2020-13934

### CVSS 3 Score Details (7.5)

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E

Release Date: 2020-07-14

Fix Resolution: 8.5.57

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

CVE-2019-17563

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, this issue has been treated as a security vulnerability.

Publish Date: 2019-12-23

URL: CVE-2019-17563

### CVSS 3 Score Details (7.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17563

Release Date: 2019-12-23

Fix Resolution: 8.5.50

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

CVE-2019-10072

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions 9.0.0.M1 to 9.0.19 and 8.5.0 to 8.5.40 . By not sending WINDOW_UPDATE messages for the connection window (stream 0) clients were able to cause server-side threads to block eventually leading to thread exhaustion and a DoS.

Publish Date: 2019-06-21

URL: CVE-2019-10072

### CVSS 3 Score Details (7.5)

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.41

Release Date: 2019-06-21

Fix Resolution: 8.5.41

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

CVE-2019-0199

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping streams open for requests that utilised the Servlet API's blocking I/O, clients were able to cause server-side threads to block eventually leading to thread exhaustion and a DoS.

Publish Date: 2019-04-10

URL: CVE-2019-0199

### CVSS 3 Score Details (7.5)

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://tomcat.apache.org/security-9.html

Release Date: 2019-04-10

Fix Resolution: 8.5.38

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

CVE-2021-25329

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.

Publish Date: 2021-03-01

URL: CVE-2021-25329

### CVSS 3 Score Details (7.0)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: High - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf%40%3Cannounce.tomcat.apache.org%3E

Release Date: 2021-03-01

Fix Resolution: 8.5.63

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

CVE-2020-9484

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassNameFilter="null" (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and d) the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control. Note that all of conditions a) to d) must be true for the attack to succeed.

Publish Date: 2020-05-20

URL: CVE-2020-9484

### CVSS 3 Score Details (7.0)

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484

Release Date: 2020-05-20

Fix Resolution: 8.5.55

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

CVE-2021-30640

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.

Publish Date: 2021-07-12

URL: CVE-2021-30640

### CVSS 3 Score Details (6.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: High - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://lists.apache.org/thread/3qcmnprbtft3phn3vyk06hpycm7p4sgx

Release Date: 2021-07-12

Fix Resolution: 8.5.66

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

CVE-2023-41080

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. The vulnerability is limited to the ROOT (default) web application.

Publish Date: 2023-08-25

URL: CVE-2023-41080

### CVSS 3 Score Details (6.1)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Changed - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://lists.apache.org/thread/71wvwprtx2j2m54fovq9zr7gbm2wow2f

Release Date: 2023-08-25

Fix Resolution: 8.5.93

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

CVE-2019-0221

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is unlikely to be present in a production website.

Publish Date: 2019-05-28

URL: CVE-2019-0221

### CVSS 3 Score Details (6.1)

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0221

Release Date: 2019-05-28

Fix Resolution: 8.5.40

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

CVE-2021-24122

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances.

Publish Date: 2021-01-14

URL: CVE-2021-24122

### CVSS 3 Score Details (5.9)

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122

Release Date: 2021-01-14

Fix Resolution: 8.5.60

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

CVE-2024-21733

### Vulnerable Library - tomcat-embed-core-8.5.34.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: /tools/nibrs-summary-report/pom.xml

Dependency Hierarchy: - :x: **tomcat-embed-core-8.5.34.jar** (Vulnerable Library)

Found in base branch: master

### Vulnerability Details

Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43. Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.

Publish Date: 2024-01-19

URL: CVE-2024-21733

### CVSS 3 Score Details (5.3)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: None - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz

Release Date: 2024-01-19

Fix Resolution: 8.5.64

:rescue_worker_helmet: Automatic Remediation will be attempted for this issue.

:rescue_worker_helmet:Automatic Remediation will be attempted for this issue.

snowdensb / nibrs

tomcat-embed-core-8.5.34.jar: 27 vulnerabilities (highest severity is: 8.1) - autoclosed #497

Vulnerabilities

Details