Search for packages
| purl | pkg:deb/debian/tomcat9@9.0.53-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-dy6m-zt6r-9ubd | Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service. |
CVE-2021-41079
GHSA-59g9-7gfx-c72p |
| VCID-k9cg-ehdw-dbh6 | Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43. Other, EOL versions may also be affected. Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue. |
CVE-2024-21733
GHSA-f4qf-m5gf-8jm8 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T12:29:30.105941+00:00 | Debian Importer | Fixing | VCID-k9cg-ehdw-dbh6 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T11:19:18.642968+00:00 | Debian Importer | Fixing | VCID-dy6m-zt6r-9ubd | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T08:33:08.714311+00:00 | Debian Importer | Fixing | VCID-k9cg-ehdw-dbh6 | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-13T07:42:16.546913+00:00 | Debian Importer | Fixing | VCID-dy6m-zt6r-9ubd | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:55:25.849968+00:00 | Debian Importer | Fixing | VCID-k9cg-ehdw-dbh6 | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:55:25.024195+00:00 | Debian Importer | Fixing | VCID-dy6m-zt6r-9ubd | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |