VulnerableCode Package Details - pkg:apache/tomcat@7.0.109

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:apache/tomcat@7.0.109

purl	pkg:apache/tomcat@7.0.109

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-kwab-3s4q-eka4	A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.	CVE-2021-30640 GHSA-36qh-35cm-5w2w

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T12:38:13.414692+00:00	Apache Tomcat Importer	Fixing	VCID-kwab-3s4q-eka4	https://tomcat.apache.org/security-7.html	38.0.0