Package impact
MAVEN / org.apache.tomcat:tomcat-coyote
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-44487 | high | 7.5 | 9.0 | 3y ago | HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack (DDoS). | |||
| CVE-2026-24880 | high | — | 8.0 | 2mo ago | Apache Tomcat has an HTTP Request/Response Smuggling vulnerability | |||
| CVE-2026-29129 | high | — | 8.0 | 2mo ago | Apache Tomcat: Configured cipher preference order not preserved | |||
| CVE-2020-13934 | high | — | 8.0 | 4y ago | Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat | |||
| CVE-2019-0199 | high | — | 8.0 | 6y ago | Apache Tomcat Denial of Service vulnerability | |||
| CVE-2025-48989 | high | 7.5 | 7.5 | 9mo ago | Apache Tomcat Improper Resource Shutdown or Release vulnerability |