tomcat vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the tomcat package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
H Improper Encoding or Escaping of Output	<1:10.1.36-3.el10_1.1
H Directory Traversal	<1:10.1.36-3.el10_1.1
H Improper Resource Shutdown or Release	<1:10.1.36-3.el10_1.1
H Authentication Bypass	<1:10.1.36-1.el10_0.2
H Allocation of Resources Without Limits or Throttling	<1:10.1.36-1.el10_0.2
H CVE-2025-48976	<1:10.1.36-1.el10_0.2
H Integer Overflow or Wraparound	<1:10.1.36-1.el10_0.2
H Improper Resource Shutdown or Release	<1:10.1.36-1.el10_0.2
H Resource Exhaustion	<1:10.1.36-1.el10_0.2
M Deserialization of Untrusted Data	<1:10.1.36-1.el10_0
M Resource Exhaustion	<1:10.1.36-1.el10_0
M Improper Check for Unusual or Exceptional Conditions	<1:10.1.36-1.el10_0