Search for packages
| purl | pkg:maven/org.apache.tomcat/tomcat-websocket@10.1.4 |
| Next non-vulnerable version | 10.1.19 |
| Latest non-vulnerable version | 11.0.0-M17 |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-exnf-s6zc-aaah
Aliases: CVE-2024-23672 GHSA-v682-8vv8-vpwr |
Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2024-10-07T22:04:36.450674+00:00 | GHSA Importer | Affected by | VCID-exnf-s6zc-aaah | https://github.com/advisories/GHSA-v682-8vv8-vpwr | 34.0.2 |
| 2024-09-22T22:26:38.206673+00:00 | GHSA Importer | Affected by | VCID-exnf-s6zc-aaah | https://github.com/advisories/GHSA-v682-8vv8-vpwr | 34.0.1 |
| 2024-05-17T21:13:53.165970+00:00 | GHSA Importer | Affected by | VCID-exnf-s6zc-aaah | https://github.com/advisories/GHSA-v682-8vv8-vpwr | 34.0.0rc4 |