Search for packages
| purl | pkg:maven/org.apache.tomcat/tomcat-util@10.1.25 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-u6f8-n1an-87hz | Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. Older, unsupported versions may also be affected. Users are recommended to upgrade to version 11.0.0-M21, 10.1.25, or 9.0.90, which fixes the issue. Apache Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process. |
CVE-2024-38286
GHSA-7jqf-v358-p8g7 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-08-01T11:19:04.049468+00:00 | GitLab Importer | Fixing | VCID-u6f8-n1an-87hz | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-util/CVE-2024-38286.yml | 37.0.0 |
| 2025-07-31T12:39:17.669048+00:00 | GHSA Importer | Fixing | VCID-u6f8-n1an-87hz | https://github.com/advisories/GHSA-7jqf-v358-p8g7 | 37.0.0 |
| 2025-07-31T08:33:41.719744+00:00 | GithubOSV Importer | Fixing | VCID-u6f8-n1an-87hz | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/11/GHSA-7jqf-v358-p8g7/GHSA-7jqf-v358-p8g7.json | 37.0.0 |