Search for packages
| purl | pkg:maven/org.apache.tomcat/tomcat-coyote@10.0.21 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-nmq2-8ysj-4fbc
Aliases: CVE-2022-42252 GHSA-p22x-g9px-3945 |
If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0 was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to false (the default for 8.5.x only), Tomcat did not reject a request containing an invalid Content-Length header making a request smuggling attack possible if Tomcat was located behind a reverse proxy that also failed to reject the request with the invalid header. |
Affected by 0 other vulnerabilities. Affected by 2 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T22:14:40.022401+00:00 | GitLab Importer | Affected by | VCID-nmq2-8ysj-4fbc | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-coyote/CVE-2022-42252.yml | 38.4.0 |
| 2026-04-11T23:31:40.486348+00:00 | GitLab Importer | Affected by | VCID-nmq2-8ysj-4fbc | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-coyote/CVE-2022-42252.yml | 38.3.0 |
| 2026-04-02T23:37:03.826904+00:00 | GitLab Importer | Affected by | VCID-nmq2-8ysj-4fbc | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-coyote/CVE-2022-42252.yml | 38.1.0 |
| 2026-04-01T17:59:14.831994+00:00 | GitLab Importer | Affected by | VCID-nmq2-8ysj-4fbc | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-coyote/CVE-2022-42252.yml | 38.0.0 |