VulnerableCode Package Details - pkg:maven/org.apache.tomcat/tomcat-websocket@11.0.0-M17

Search for packages

Package details: pkg:maven/org.apache.tomcat/tomcat-websocket@11.0.0-M17

Essentials
History (3)

purl	pkg:maven/org.apache.tomcat/tomcat-websocket@11.0.0-M17

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-g7xq-ftd5-dfeb	Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.	CVE-2024-23672 GHSA-v682-8vv8-vpwr

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-31T12:37:01.864973+00:00	GHSA Importer	Fixing	VCID-g7xq-ftd5-dfeb	https://github.com/advisories/GHSA-v682-8vv8-vpwr	37.0.0
2025-07-31T09:31:32.929295+00:00	GitLab Importer	Fixing	VCID-g7xq-ftd5-dfeb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-websocket/CVE-2024-23672.yml	37.0.0
2025-07-31T08:33:27.216290+00:00	GithubOSV Importer	Fixing	VCID-g7xq-ftd5-dfeb	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/03/GHSA-v682-8vv8-vpwr/GHSA-v682-8vv8-vpwr.json	37.0.0