11.0.23
15 years ago
17 days ago
Known vulnerabilities in the org.apache.tomcat:tomcat-util package. This does not include vulnerabilities belonging to this package’s dependencies.
Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
org.apache.tomcat:tomcat-util is a Common code shared by multiple Tomcat components. Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation due to the incomplete logging of the effective How to fix Always-Incorrect Control Flow Implementation? Upgrade | [9.0.0.M1,9.0.119)[10.1.0-M1,10.1.56)[11.0.0-M1,11.0.23) |
org.apache.tomcat:tomcat-util is a Common code shared by multiple Tomcat components. Affected versions of this package are vulnerable to Detection of Error Condition Without Action due to improper handling of invalid certificate revocation list (CRL) configurations in the FFM connector. An attacker can bypass intended certificate validation by supplying an invalid CRL configuration. How to fix Detection of Error Condition Without Action? Upgrade | [9.0.83,9.0.119)[10.1.0-M7,10.1.56)[11.0.0-M1,11.0.23) |