VulnerableCode Package Details - pkg:apache/tomcat@7.0.109

Search for packages

Package details: pkg:apache/tomcat@7.0.109

Essentials
History (1)

purl	pkg:apache/tomcat@7.0.109

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-9y7r-pxr5-x3e8	A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65.	CVE-2021-30640 GHSA-36qh-35cm-5w2w

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-01T15:07:11.092232+00:00	Apache Tomcat Importer	Fixing	VCID-9y7r-pxr5-x3e8	https://tomcat.apache.org/security-7.html	36.1.3