Search for packages
| purl | pkg:maven/org.apache.tomcat/tomcat@10.1.0-M4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-wptr-hkjx-s7c3
Aliases: CVE-2021-42340 GHSA-wph7-x527-w3h5 |
The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the connection was closed. This created a memory leak that, over time, could lead to a denial of service via an OutOfMemoryError. |
Affected by 1 other vulnerability. Affected by 3 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T21:32:22.655954+00:00 | GitLab Importer | Affected by | VCID-wptr-hkjx-s7c3 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2021-42340.yml | 38.4.0 |
| 2026-04-11T22:45:41.415283+00:00 | GitLab Importer | Affected by | VCID-wptr-hkjx-s7c3 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2021-42340.yml | 38.3.0 |
| 2026-04-02T22:55:34.546117+00:00 | GitLab Importer | Affected by | VCID-wptr-hkjx-s7c3 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2021-42340.yml | 38.1.0 |
| 2026-04-01T17:13:53.551116+00:00 | GitLab Importer | Affected by | VCID-wptr-hkjx-s7c3 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat/CVE-2021-42340.yml | 38.0.0 |