org.apache.tomcat.embed:tomcat-embed-jasper
Maven2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting org.apache.tomcat.embed:tomcat-embed-jasperpage 1 of 1
- CVE-2016-5018CRITICALCVSS 9.1EG 9.1✓ Fixed in 6.0.472017-08-10
In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to …
- CVE-2024-52318MEDIUMCVSS 6.1EG 6.1✓ Fixed in 10.1.322024-11-18
vulnerable: 10.1.31
Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue.
Check whether org.apache.tomcat.embed:tomcat-embed-jasper is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.apache.tomcat.embed:tomcat-embed-jasper CVEs against the assets you own.
Start Free Scan →