VulnerableCode Package Details - pkg:maven/org.apache.tomcat/tomcat-util@8.0.41

Search for packages

Package details: pkg:maven/org.apache.tomcat/tomcat-util@8.0.41

Essentials
History (3)

purl	pkg:maven/org.apache.tomcat/tomcat-util@8.0.41

Next non-vulnerable version	8.0.52
Latest non-vulnerable version	11.0.1
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-t538-646q-pqf4 Aliases: CVE-2018-1336 GHSA-m59c-jpc8-m2x4	An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. Versions Affected: Apache Tomcat 9.0.0.M9 to 9.0.7, 8.5.0 to 8.5.30, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86.	8.0.52 Affected by 0 other vulnerabilities. 8.5.31 Affected by 10 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 9.0.8 Affected by 10 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-t538-646q-pqf4
Aliases:
CVE-2018-1336
GHSA-m59c-jpc8-m2x4

An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. Versions Affected: Apache Tomcat 9.0.0.M9 to 9.0.7, 8.5.0 to 8.5.30, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86.

8.0.52
Affected by 0 other vulnerabilities.

8.5.31
Affected by 10 other vulnerabilities.

9.0.8
Affected by 10 other vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-w67f-7ck2-83e2		CVE-2016-8745 GHSA-w3j5-q8f2-3cqq

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-09-09T19:34:02.428137+00:00	GHSA Importer	Fixing	VCID-w67f-7ck2-83e2	https://github.com/advisories/GHSA-w3j5-q8f2-3cqq	37.0.0
2025-09-09T17:19:50.373301+00:00	GithubOSV Importer	Fixing	VCID-w67f-7ck2-83e2	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-w3j5-q8f2-3cqq/GHSA-w3j5-q8f2-3cqq.json	37.0.0
2025-08-01T09:13:39.390387+00:00	GitLab Importer	Affected by	VCID-t538-646q-pqf4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-util/CVE-2018-1336.yml	37.0.0