org.apache.tomcat.embed:tomcat-embed-core vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2025-46701Loworg.apache.tomcat:tomcat-catalina: Apache Tomcat - CGI security constraint bypassCVE-2025-31651Loworg.apache.tomcat:tomcat-catalina: Apache Tomcat Rewrite rule bypassCVE-2025-31650Mediumorg.apache.tomcat:tomcat-coyote: Apache Tomcat Denial of Service via invalid HTTP priority headerCVE-2025-24813Criticalorg.apache.tomcat:tomcat-catalina: Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with…CVE-2024-56337Highorg.apache.tomcat:tomcat-catalina: Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerabilityCVE-2024-50379Highorg.apache.tomcat:tomcat-catalina: Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerabilityCVE-2024-52317Mediumorg.apache.tomcat.embed:tomcat-embed-core: Apache Tomcat Request and/or response mix-upCVE-2024-38286Highorg.apache.tomcat:tomcat-coyote: Apache Tomcat Allocation of Resources Without Limits or Throttling vulnerabilityCVE-2024-34750Highorg.apache.tomcat.embed:tomcat-embed-core: Apache Tomcat - Denial of ServiceCVE-2024-24549Mediumorg.apache.tomcat.embed:tomcat-embed-core: Apache Tomcat Denial of Service due to improper input validation vulnerability for HTTP/2 requestsCVE-2024-21733Mediumorg.apache.tomcat:tomcat-coyote: Apache Tomcat vulnerable to Generation of Error Message Containing Sensitive InformationCVE-2023-46589Highorg.apache.tomcat:tomcat-catalina: Apache Tomcat Improper Input Validation vulnerabilityCVE-2023-45648Mediumorg.apache.tomcat:tomcat: Apache Tomcat Improper Input Validation vulnerabilityCVE-2023-44487Mediumgolang.org/x/net: HTTP/2 Stream Cancellation AttackCVE-2023-42795Mediumorg.apache.tomcat:tomcat: Apache Tomcat Incomplete Cleanup vulnerabilityCVE-2023-41080Mediumorg.apache.tomcat:tomcat: Apache Tomcat Open Redirect vulnerabilityCVE-2023-28709Highorg.apache.tomcat.embed:tomcat-embed-core: Apache Tomcat - Fix for CVE-2023-24998 was incompleteCVE-2023-34981Highorg.apache.tomcat.embed:tomcat-embed-core: Apache Tomcat vulnerable to information leakCVE-2023-24998Highcommons-fileupload:commons-fileupload: Apache Commons FileUpload denial of service vulnerabilityCVE-2022-45143Highorg.apache.tomcat.embed:tomcat-embed-core: Apache Tomcat improperly escapes input from JsonErrorReportValveCVE-2022-42252Highorg.apache.tomcat.embed:tomcat-embed-core: Apache Tomcat may reject request containing invalid Content-Length headerCVE-2014-0095Mediumorg.apache.tomcat:tomcat-coyote: Denial of service in Apache TomcatCVE-2017-12617Highorg.apache.tomcat:tomcat-catalina: Unrestricted Upload of File with Dangerous Type Apache TomcatCVE-2017-5651Criticalorg.apache.tomcat:tomcat-coyote: Expected Behavior Violation in Apache TomcatCVE-2017-5648Criticalorg.apache.tomcat:tomcat-catalina: Exposure of Resource to Wrong Sphere in Apache Tomcat

Stop the waste.
Protect your environment with Kodem.