Apache Tomcat: Delayed cleaning of multi-part upload temporary files may lead to DoS

Apache Tomcat: Directory traversal via rewrite with possible RCE if PUT is enabled

Apache Tomcat: console manipulation via escape sequences in log messages

Apache Tomcat: session fixation via rewrite valve

Apache Tomcat: h2 DoS - Made You Reset

Apache Tomcat: DoS via excessive h2 streams at connection start

Apache Tomcat: DoS via integer overflow in multipart file upload

Apache Tomcat: APR/Native Connector crash leading to DoS

Apache Tomcat: exe side-loading via icalcs.exe in Tomcat installer for Windows

Apache Tomcat: Security constraint bypass for pre/post-resources

Apache Tomcat: FileUpload large number of parts with headers DoS

Apache Tomcat: Security constraint bypass for CGI scripts

Apache Tomcat: Bypass of rules in Rewrite Valve

Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame

Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT

Apache Tomcat: RCE due to TOCTOU issue in JSP compilation - CVE-2024-50379 mitigation was incomplete

Apache Tomcat: DoS in examples web application

Apache Tomcat: RCE due to TOCTOU issue in JSP compilation

Apache Tomcat: Incorrect JSP tag recycling leads to XSS

Apache Tomcat: Request/response mix-up with HTTP/2