VulnerableCode Package Details - pkg:maven/org.apache.tomcat/tomcat-util@9.0.107

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-9kfe-1esf-uydm	Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Tomcat when using the APR/Native connector. This was particularly noticeable with client initiated closes of HTTP/2 connections. This issue affects Apache Tomcat: from 9.0.0.M1 through 9.0.106. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 9.0.107, which fixes the issue.	CVE-2025-52434 GHSA-4j3c-42xv-3f84

Vulnerability

Summary

Aliases

VCID-9kfe-1esf-uydm

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Tomcat when using the APR/Native connector. This was particularly noticeable with client initiated closes of HTTP/2 connections. This issue affects Apache Tomcat: from 9.0.0.M1 through 9.0.106. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 9.0.107, which fixes the issue.

CVE-2025-52434
GHSA-4j3c-42xv-3f84

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T23:32:58.270785+00:00	GitLab Importer	Fixing	VCID-9kfe-1esf-uydm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-util/CVE-2025-52434.yml	38.4.0
2026-04-12T00:52:56.599854+00:00	GitLab Importer	Fixing	VCID-9kfe-1esf-uydm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-util/CVE-2025-52434.yml	38.3.0
2026-04-07T04:58:11.466887+00:00	GHSA Importer	Fixing	VCID-9kfe-1esf-uydm	https://github.com/advisories/GHSA-4j3c-42xv-3f84	38.1.0
2026-04-03T01:01:06.344610+00:00	GitLab Importer	Fixing	VCID-9kfe-1esf-uydm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-util/CVE-2025-52434.yml	38.1.0
2026-04-02T12:41:41.448768+00:00	GitLab Importer	Fixing	VCID-9kfe-1esf-uydm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-util/CVE-2025-52434.yml	38.0.0
2026-04-01T12:56:43.177416+00:00	GithubOSV Importer	Fixing	VCID-9kfe-1esf-uydm	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/07/GHSA-4j3c-42xv-3f84/GHSA-4j3c-42xv-3f84.json	38.0.0