VulnerableCode Package Details - pkg:deb/debian/tomcat9@9.0.38-1?distro=trixie

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/tomcat9@9.0.38-1?distro=trixie

purl	pkg:deb/debian/tomcat9@9.0.38-1?distro=trixie

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-wgsc-dnn1-ukeq	If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - from a previous request rather than the intended headers. This could lead to users seeing responses for unexpected resources.	CVE-2020-13943 GHSA-f268-65qc-98vg

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T09:49:33.245301+00:00	Debian Importer	Fixing	VCID-wgsc-dnn1-ukeq	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T06:33:56.377721+00:00	Debian Importer	Fixing	VCID-wgsc-dnn1-ukeq	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:55:24.521803+00:00	Debian Importer	Fixing	VCID-wgsc-dnn1-ukeq	https://security-tracker.debian.org/tracker/data/json	38.1.0