Search for packages
Package details: pkg:deb/debian/tomcat9@9.0.43-2~deb11u9
purl pkg:deb/debian/tomcat9@9.0.43-2~deb11u9
Tags Ghost
Next non-vulnerable version 9.0.95-1
Latest non-vulnerable version 9.0.95-1
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-pcvp-wv2z-aaas
Aliases:
CVE-2023-46589
GHSA-fccv-jmmp-qg76
Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M11 onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue.
9.0.43-2~deb11u10
Affected by 15 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2024-04-26T05:50:51.897267+00:00 Debian Importer Fixing VCID-pcvp-wv2z-aaas https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-26T05:50:51.055330+00:00 Debian Importer Affected by VCID-pcvp-wv2z-aaas https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-26T05:27:41.544706+00:00 Debian Importer Fixing VCID-r78u-gre6-aaaj None 34.0.0rc4
2024-04-26T05:24:20.590721+00:00 Debian Importer Fixing VCID-6y3x-kyj7-aaaf None 34.0.0rc4
2024-04-26T05:00:03.539058+00:00 Debian Importer Fixing VCID-f68z-z5n7-aaae None 34.0.0rc4
2024-04-26T04:44:26.665304+00:00 Debian Importer Fixing VCID-e318-2aad-aaag None 34.0.0rc4
2024-04-26T02:06:40.801517+00:00 Debian Importer Fixing VCID-2c6h-srga-aaap None 34.0.0rc4
2024-04-25T21:40:18.746193+00:00 Debian Importer Fixing VCID-y9c8-mem2-aaam None 34.0.0rc4
2024-04-25T20:46:22.311941+00:00 Debian Importer Fixing VCID-7tp8-ektn-aaan None 34.0.0rc4
2024-04-25T16:21:40.109774+00:00 Debian Importer Affected by VCID-c5mx-k2k4-aaag https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-25T16:21:37.837021+00:00 Debian Importer Fixing VCID-c5mx-k2k4-aaag https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-25T16:21:30.183384+00:00 Debian Importer Fixing VCID-c5mx-k2k4-aaag None 34.0.0rc4
2024-04-25T14:29:36.120461+00:00 Debian Importer Fixing VCID-gyd5-cdaj-aaae None 34.0.0rc4
2024-04-25T12:24:06.861830+00:00 Debian Importer Fixing VCID-dwgf-f1eg-aaaf None 34.0.0rc4
2024-04-25T05:44:27.322915+00:00 Debian Importer Fixing VCID-a1en-zn2z-aaab None 34.0.0rc4
2024-04-24T21:55:22.991028+00:00 Debian Importer Fixing VCID-w4d3-t13k-aaab https://security-tracker.debian.org/tracker/data/json 34.0.0rc4
2024-04-24T21:55:22.206561+00:00 Debian Importer Fixing VCID-w4d3-t13k-aaab None 34.0.0rc4
2024-01-12T14:07:48.000976+00:00 Debian Importer Fixing VCID-e318-2aad-aaag None 34.0.0rc2
2024-01-12T12:05:39.645359+00:00 Debian Importer Fixing VCID-2c6h-srga-aaap None 34.0.0rc2
2024-01-11T19:21:11.827135+00:00 Debian Importer Fixing VCID-c5mx-k2k4-aaag https://security-tracker.debian.org/tracker/data/json 34.0.0rc2
2024-01-11T19:21:06.658712+00:00 Debian Importer Fixing VCID-c5mx-k2k4-aaag None 34.0.0rc2
2024-01-05T09:37:18.088759+00:00 Debian Importer Fixing VCID-e318-2aad-aaag None 34.0.0rc1
2024-01-05T08:07:16.189940+00:00 Debian Importer Fixing VCID-2c6h-srga-aaap None 34.0.0rc1
2024-01-05T03:04:22.726638+00:00 Debian Importer Fixing VCID-c5mx-k2k4-aaag https://security-tracker.debian.org/tracker/data/json 34.0.0rc1
2024-01-05T03:04:17.632744+00:00 Debian Importer Fixing VCID-c5mx-k2k4-aaag None 34.0.0rc1