VulnerableCode Package Details - pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.0.M19

Search for packages

Vulnerability	Summary	Fixed by
VCID-k9cg-ehdw-dbh6 Aliases: CVE-2024-21733 GHSA-f4qf-m5gf-8jm8	Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43. Other, EOL versions may also be affected. Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.	9.0.44 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-k9cg-ehdw-dbh6
Aliases:
CVE-2024-21733
GHSA-f4qf-m5gf-8jm8

Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43. Other, EOL versions may also be affected. Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.

9.0.44
Affected by 6 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-1hdb-24e3-f3d6	In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in the same Processor being used for multiple requests which in turn could lead to unexpected errors and/or response mix-up.	CVE-2017-5651 GHSA-9hg2-395j-83rm

Vulnerability

Summary

Aliases

VCID-1hdb-24e3-f3d6

In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in the same Processor being used for multiple requests which in turn could lead to unexpected errors and/or response mix-up.

CVE-2017-5651
GHSA-9hg2-395j-83rm

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T22:48:19.435045+00:00	GitLab Importer	Affected by	VCID-k9cg-ehdw-dbh6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-coyote/CVE-2024-21733.yml	38.4.0
2026-04-16T21:50:01.817668+00:00	GitLab Importer	Fixing	VCID-1hdb-24e3-f3d6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-coyote/CVE-2017-5651.yml	38.4.0
2026-04-12T00:08:07.919091+00:00	GitLab Importer	Affected by	VCID-k9cg-ehdw-dbh6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-coyote/CVE-2024-21733.yml	38.3.0
2026-04-11T23:06:04.013623+00:00	GitLab Importer	Fixing	VCID-1hdb-24e3-f3d6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-coyote/CVE-2017-5651.yml	38.3.0
2026-04-04T14:29:59.402187+00:00	GHSA Importer	Fixing	VCID-1hdb-24e3-f3d6	https://github.com/advisories/GHSA-9hg2-395j-83rm	38.1.0
2026-04-03T00:12:47.178881+00:00	GitLab Importer	Affected by	VCID-k9cg-ehdw-dbh6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-coyote/CVE-2024-21733.yml	38.1.0
2026-04-02T23:14:18.236860+00:00	GitLab Importer	Fixing	VCID-1hdb-24e3-f3d6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-coyote/CVE-2017-5651.yml	38.1.0
2026-04-01T13:10:53.997167+00:00	GithubOSV Importer	Fixing	VCID-1hdb-24e3-f3d6	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-9hg2-395j-83rm/GHSA-9hg2-395j-83rm.json	38.0.0
2026-04-01T12:50:25.541495+00:00	GitLab Importer	Fixing	VCID-1hdb-24e3-f3d6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-coyote/CVE-2017-5651.yml	38.0.0