GHSA-p543-jg43-9pm5, CVE-2002-0493
maven/org.apache.tomcat/tomcat
Apache Tomcat may be started without proper security settings
Apache Tomcat may be started without proper security settings if errors are encountered while reading the web.xml file, which could allow attackers to bypass intended restrictions.
All versions before 4.0b7
Upgrade to version 4.0b7 or above.
2024-02-13
source |