CVE-2002-0493

Apache Tomcat may be started without proper security settings in maven/org.apache.tomcat/tomcat

Identifiers

GHSA-p543-jg43-9pm5, CVE-2002-0493

Package Slug

maven/org.apache.tomcat/tomcat

Vulnerability

Apache Tomcat may be started without proper security settings

Description

Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.

Affected Versions

All versions before 4.0b7

Solution

Upgrade to version 4.0b7 or above.

Last Modified

2024-02-13

source