Total vulnerabilities in the database
Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a "synchronization problem" and lack of thread safety, and related to RemoteFilterValve, RemoteAddrValve, and RemoteHostValve.
| Software | From | Fixed in |
|---|---|---|
| apache / tomcat | 4.1.2 | 4.1.2.x |
| apache / tomcat | 4.1.21 | 4.1.21.x |
| apache / tomcat | 4.1.24 | 4.1.24.x |
| apache / tomcat | 4.1.25 | 4.1.25.x |
| apache / tomcat | 4.1.4 | 4.1.4.x |
| apache / tomcat | 4.1.27 | 4.1.27.x |
| apache / tomcat | 4.1.30 | 4.1.30.x |
| apache / tomcat | 4.1.7 | 4.1.7.x |
| apache / tomcat | 4.1.11 | 4.1.11.x |
| apache / tomcat | 4.1.18 | 4.1.18.x |
| apache / tomcat | 4.1.14 | 4.1.14.x |
| apache / tomcat | 4.1.19 | 4.1.19.x |
| apache / tomcat | 4.1.31 | 4.1.31.x |
| apache / tomcat | 4.1.16 | 4.1.16.x |
| apache / tomcat | 4.1.29 | 4.1.29.x |
| apache / tomcat | 4.1.22 | 4.1.22.x |
| apache / tomcat | 4.1.5 | 4.1.5.x |
| apache / tomcat | 4.1.26 | 4.1.26.x |
| apache / tomcat | 4.1.13 | 4.1.13.x |
| apache / tomcat | 4.1.8 | 4.1.8.x |
| apache / tomcat | 4.1.17 | 4.1.17.x |
| apache / tomcat | 5.5.0 | 5.5.0.x |
| apache / tomcat | 4.1.1 | 4.1.1.x |
| apache / tomcat | 4.1.12 | 4.1.12.x |
| apache / tomcat | 4.1.28 | 4.1.28.x |
| apache / tomcat | 4.1.15 | 4.1.15.x |
| apache / tomcat | 4.1.3-beta | 4.1.3-beta.x |
| apache / tomcat | 4.1.10 | 4.1.10.x |
| apache / tomcat | 4.1.0 | 4.1.0.x |
| apache / tomcat | 4.1.20 | 4.1.20.x |
| apache / tomcat | 4.1.3 | 4.1.3.x |
| apache / tomcat | 4.1.23 | 4.1.23.x |
| apache / tomcat | 4.1.6 | 4.1.6.x |
| apache / tomcat | 4.1.9 | 4.1.9.x |