VulnerableCode Package Details - pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.0.M18

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.0.M18

purl	pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.0.M18

Next non-vulnerable version	9.0.86
Latest non-vulnerable version	11.0.20
Risk	4.5

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-1hdb-24e3-f3d6 Aliases: CVE-2017-5651 GHSA-9hg2-395j-83rm	In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in the same Processor being used for multiple requests which in turn could lead to unexpected errors and/or response mix-up.	9.0.0.M19 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-k9cg-ehdw-dbh6 Aliases: CVE-2024-21733 GHSA-f4qf-m5gf-8jm8	Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43. Other, EOL versions may also be affected. Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.	9.0.44 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T22:48:19.431566+00:00	GitLab Importer	Affected by	VCID-k9cg-ehdw-dbh6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-coyote/CVE-2024-21733.yml	38.4.0
2026-04-12T00:08:07.915110+00:00	GitLab Importer	Affected by	VCID-k9cg-ehdw-dbh6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-coyote/CVE-2024-21733.yml	38.3.0
2026-04-04T14:29:59.398090+00:00	GHSA Importer	Affected by	VCID-1hdb-24e3-f3d6	https://github.com/advisories/GHSA-9hg2-395j-83rm	38.1.0
2026-04-03T00:12:47.175156+00:00	GitLab Importer	Affected by	VCID-k9cg-ehdw-dbh6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-coyote/CVE-2024-21733.yml	38.1.0