Search for packages
Package details: pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.98
purl pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@8.5.98
Next non-vulnerable version 8.5.99
Latest non-vulnerable version 11.0.8
Risk 10.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-7uaw-6w3w-aaar
Aliases:
CVE-2024-24549
GHSA-7w75-32cg-r6g2
Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.
8.5.99
Affected by 0 other vulnerabilities.
9.0.86
Affected by 3 other vulnerabilities.
10.1.19
Affected by 3 other vulnerabilities.
11.0.0-M17
Affected by 4 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T16:55:10.958832+00:00 GitLab Importer Affected by VCID-7uaw-6w3w-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2024-24549.yml 36.1.3
2025-06-03T23:32:02.260385+00:00 GitLab Importer Affected by VCID-7uaw-6w3w-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2024-24549.yml 36.1.0
2025-06-02T23:29:53.076595+00:00 GitLab Importer Affected by VCID-7uaw-6w3w-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2024-24549.yml 36.1.2
2025-04-03T21:59:43.349599+00:00 GitLab Importer Affected by VCID-7uaw-6w3w-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2024-24549.yml 36.0.0
2025-02-18T03:48:10.213604+00:00 GitLab Importer Affected by VCID-7uaw-6w3w-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2024-24549.yml 35.1.0
2024-11-21T01:03:02.329708+00:00 GitLab Importer Affected by VCID-7uaw-6w3w-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2024-24549.yml 35.0.0
2024-11-19T00:51:59.975425+00:00 GitLab Importer Affected by VCID-7uaw-6w3w-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2024-24549.yml 34.3.2
2024-10-08T01:23:06.412275+00:00 GitLab Importer Affected by VCID-7uaw-6w3w-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2024-24549.yml 34.0.2
2024-10-07T22:05:13.980410+00:00 GHSA Importer Affected by VCID-7uaw-6w3w-aaar https://github.com/advisories/GHSA-7w75-32cg-r6g2 34.0.2
2024-09-23T01:28:09.133550+00:00 GitLab Importer Affected by VCID-7uaw-6w3w-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2024-24549.yml 34.0.1
2024-09-17T22:00:28.523812+00:00 GHSA Importer Affected by VCID-7uaw-6w3w-aaar https://github.com/advisories/GHSA-7w75-32cg-r6g2 34.0.1
2024-04-24T03:59:55.521331+00:00 GitLab Importer Affected by VCID-7uaw-6w3w-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2024-24549.yml 34.0.0rc4
2024-04-23T17:39:31.975267+00:00 GHSA Importer Affected by VCID-7uaw-6w3w-aaar https://github.com/advisories/GHSA-7w75-32cg-r6g2 34.0.0rc4