VulnerableCode Package Details - pkg:apache/tomcat@9.0.108

Search for packages

Package details: pkg:apache/tomcat@9.0.108

Essentials
History (1)

purl	pkg:apache/tomcat@9.0.108

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-2c1v-7he2-4fe5	Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.9, from 10.1.0-M1 through 10.1.43 and from 9.0.0.M1 through 9.0.107. Older, EOL versions may also be affected. Users are recommended to upgrade to one of versions 11.0.10, 10.1.44 or 9.0.108 which fix the issue.	CVE-2025-48989 GHSA-gqp3-2cvr-x8m3

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-14T08:24:36.495391+00:00	Apache Tomcat Importer	Fixing	VCID-2c1v-7he2-4fe5	https://tomcat.apache.org/security-9.html	37.0.0