Vulnerability Directory
If you’re currently using these frameworks in your application’s tech stack, your application could be vulnerable.
Secure drop-in replacements for open source software from HeroDevs helps you stay secure, compliant, and compatible while you migrate.
Switch to Never-Ending Support (NES) from HeroDevs to immediately mitigate these vulnerabilities.
Secure drop-in replacements for open source software from HeroDevs helps you stay secure, compliant, and compatible while you migrate.
Switch to Never-Ending Support (NES) from HeroDevs to immediately mitigate these vulnerabilities.
Vulnerability Directory
If you’re currently using these frameworks in your application’s tech stack, your application could be vulnerable.
Secure drop-in replacements for open source software from HeroDevs helps you stay secure, compliant, and compatible while you migrate.
Switch to Never-Ending Support (NES) from HeroDevs to immediately mitigate these vulnerabilities.
Severity
ID
Technology
Libraries Affected
Category
Version(s) Affected
Published Date
High
Apache Tomcat
Apache Tomcat
Remote Code Execution
>=9.0.0.M1 <9.0.98, >=10.1.0-M1 <10.1.34, >=11.0.0-M1 <11.0.2
May 28, 2025
Medium
Apache Tomcat
Apache Tomcat
Denial of Service
>=9.0.0.M1 <9.0.98, >=10.1.0-M1 <10.1.34, >=11.0.0-M1 <11.0.2
May 28, 2025
Medium
Apache Tomcat
Apache Tomcat
Information Exposure
>=9.0.92 <9.0.96, >=10.1.27 <10.1.31, >=11.0.0-M23 <11.0.0
May 28, 2025
Critical
Apache Tomcat
Apache Tomcat
Authorization Bypass
>=9.0.0.M1 <9.0.96, >=10.1.0-M1 <10.1.31, >=11.0.0-M1 <11.0.0
May 28, 2025
High
Apache Tomcat
Apache Tomcat
Remote Code Execution
>=9.0.0.M1 <9.0.98, >=10.1.0-M1 <10.1.34, >=11.0.0-M1 <11.0.2
May 28, 2025
High
Apache Tomcat
Apache Tomcat
Denial of Service
>=9.0.13 <9.0.90, >=10.1.0-M1 <10.1.25, >=11.0.0-M1 <11.0.0.M21
May 28, 2025
High
Apache Tomcat
Apache Tomcat
Denial of Service
>=9.0.0.M1 <9.0.90, >=10.1.0-M1 <10.1.25, >=11.0.0-M1 <11.0.0-M21
May 28, 2025
Low
Spring
Spring Framework
Authorization Bypass
>=4.3.0 <=4.3.30, >=5.3.0 <=5.3.42, >=6.0.0 <=6.0.27, >=6.1.0 <6.1.20, >=6.2.0 <6.2.7
May 15, 2025
High
Node.js
Node.js
Cryptographic Weakness
4.0 < 20.19.1, 22 < 22.15.0, 24 < 24.0.1
May 14, 2025
No results found
Please enter a valid Vulnerability ID number or Technology name.