Vulnerabilities > Apache > Tomcat > 7.0.78

DATE CVE VULNERABILITY TITLE RISK
2017-09-19 CVE-2017-12615 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g.
network
high complexity
apache netapp redhat CWE-434
8.1
8.1
2017-08-11 CVE-2017-7674 Insufficient Verification of Data Authenticity vulnerability in Apache Tomcat
The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin.
network
low complexity
apache CWE-345
4.3
4.3