VulnerableCode Package Details - pkg:maven/org.apache.tomcat/tomcat-coyote@11.0.0-M25

Search for packages

Package details: pkg:maven/org.apache.tomcat/tomcat-coyote@11.0.0-M25

Essentials
History (2)

purl	pkg:maven/org.apache.tomcat/tomcat-coyote@11.0.0-M25

Next non-vulnerable version	11.0.6
Latest non-vulnerable version	11.0.9
Risk	10.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-bfxu-nwcp-1kd6 Aliases: CVE-2025-31650 GHSA-3p2h-wqq4-wf4h	multiple issues	11.0.6 Affected by 0 other vulnerabilities.
VCID-rcr4-rbsk-myej Aliases: CVE-2024-52317 GHSA-qvf5-hvjx-wm27	Apache Tomcat Request and/or response mix-up Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the request and response used by HTTP/2 requests could lead to request and/or response mix-up between users. This issue affects Apache Tomcat: from 11.0.0-M23 through 11.0.0-M26, from 10.1.27 through 10.1.30, from 9.0.92 through 9.0.95. Users are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fixes the issue.	11.0.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-03T19:26:19.041540+00:00	GitLab Importer	Affected by	VCID-bfxu-nwcp-1kd6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-coyote/CVE-2025-31650.yml	37.0.0
2025-07-03T19:15:56.450070+00:00	GitLab Importer	Affected by	VCID-rcr4-rbsk-myej	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat/tomcat-coyote/CVE-2024-52317.yml	37.0.0