Org.apache.tomcat:tomcat-jasper
This hub aggregates every CVE we track for Org.apache.tomcat:tomcat-jasper, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
3
CVEs tracked
1
Critical
0
High
0
In CISA KEV
Severity distribution
MEDIUM2CRITICAL1
Monthly trend
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 3 most recently published vulnerabilities affecting Org.apache.tomcat:tomcat-jasper.
- CVE-2024-52318Apache Tomcat: Incorrect JSP tag recycling leads to XSS6.1
- CVE-2016-5018In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tom...9.1
- CVE-2014-0119Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote atta...4.3
Product normalization is registry-driven with AI assist and human review. How it works