virus logo Endpoint Vulnerability

Apache Tomcat CVE-2018-8014 Code Injection Vulnerability

description-logoDescription

Apache Tomcat CORS filter defaults enable supportsCredentials for all origins, allowing credentials to be sent to any origin; this insecure configuration could expose user credentials, affecting Tomcat 9.0.0.M1-9.0.8, 8.5.0-8.5.31, 8.0.0.RC1-8.0.52, 7.0.41-7.0.88.

affected-products-logoAffected Applications

Apache Tomcat

Version Updates

Date Version Status Detail
2025-07-10 1.00878
Modified
 Apache Tomcat
2024-11-08 1.00770
New
 Apache Tomcat

References

https://tomcat.apache.org/security-9.html
ID 82151
Created Nov 08, 2024
Description
Updated		 Jan 10, 2026
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Apache
Patch manual
Application Apache Tomcat