Search for packages
Package details: pkg:maven/org.apache.tomcat/tomcat@8.5.22
purl pkg:maven/org.apache.tomcat/tomcat@8.5.22
Tags Ghost
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 10.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-1fxt-krrm-sqa4
Aliases:
CVE-2017-12617
GHSA-xjgh-84hx-56c5
8.5.23
Affected by 29 other vulnerabilities.
9.0.1
Affected by 30 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-07-05T18:41:34.088981+00:00 GHSA Importer Affected by VCID-1fxt-krrm-sqa4 https://github.com/advisories/GHSA-xjgh-84hx-56c5 37.0.0
2025-07-01T15:07:09.383557+00:00 Apache Tomcat Importer Affected by VCID-1fxt-krrm-sqa4 https://tomcat.apache.org/security-8.html 36.1.3