VulnerableCode Package Details - pkg:apache/tomcat@8.5.15

Search for packages

Package details: pkg:apache/tomcat@8.5.15

purl	pkg:apache/tomcat@8.5.15

Next non-vulnerable version	8.5.24
Latest non-vulnerable version	11.0.10
Risk	4.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-snze-gjzq-dudy Aliases: CVE-2017-7674 GHSA-73rx-3f9r-x949		8.5.16 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 9.0.0+M22 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-ta6y-kc43-e3ap Aliases: CVE-2017-7675 GHSA-68g5-8q7f-m384		8.5.16 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 9.0.0+M22 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-snze-gjzq-dudy
Aliases:
CVE-2017-7674
GHSA-73rx-3f9r-x949

8.5.16
Affected by 1 other vulnerability.

9.0.0+M22
Affected by 1 other vulnerability.

VCID-ta6y-kc43-e3ap
Aliases:
CVE-2017-7675
GHSA-68g5-8q7f-m384

8.5.16
Affected by 1 other vulnerability.

9.0.0+M22
Affected by 1 other vulnerability.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-uy2u-497k-y7fh		CVE-2017-5664 GHSA-jmvv-524f-hj5j

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-31T08:03:23.078844+00:00	Apache Tomcat Importer	Fixing	VCID-uy2u-497k-y7fh	https://tomcat.apache.org/security-8.html	37.0.0
2025-07-31T08:03:23.017745+00:00	Apache Tomcat Importer	Affected by	VCID-snze-gjzq-dudy	https://tomcat.apache.org/security-8.html	37.0.0
2025-07-31T08:03:22.985748+00:00	Apache Tomcat Importer	Affected by	VCID-ta6y-kc43-e3ap	https://tomcat.apache.org/security-8.html	37.0.0