Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

org.apache.tomcat.embed:tomcat-embed-core

Ecosystem:
maven
Package URL:
pkg:maven/org.apache.tomcat.embed:tomcat-embed-core
Total PRs:
726 Dependabot PRs
Latest PR:
10 days ago
Unique Repositories:
274 repositories
Unique Repos (30 days):
11 repositories
Security Advisories
When running Apache Tomcat on Windows with HTTP PUTs enabled it was possible to upload a JSP file to the server
GHSA-pjfr-qf3p-3q25 CVE-2017-12615 HIGH published over 7 years ago • updated 1 day ago
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default...
Apache Tomcat Cross-site scripting (XSS) vulnerability
GHSA-f98p-9pp6-7q6c CVE-2008-1947 MODERATE published about 4 years ago • updated 9 days ago
Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary...
Apache Tomcat - Digest authenticator will authenticate any unknown user
GHSA-h6fc-48rj-7qqh CVE-2026-43512 CRITICAL published 18 days ago • updated about 10 hours ago
Versions Affected: Apache Tomcat 11.0.0-M1 to 11.0.21 Apache Tomcat 10.1.0-M1 to 10.1.54 Apache Tomcat 9.0.0.M1 to 9.0.117 Older, unsupported versi...
Apache Tomcat - HTTP/2 request headers not validated
GHSA-r29c-68gh-xp6x CVE-2026-41293 CRITICAL published 18 days ago • updated about 10 hours ago
Versions Affected: Apache Tomcat 11.0.0-M1 to 11.0.21 Apache Tomcat 10.1.0-M1 to 10.1.54 Apache Tomcat 9.0.0.M1 to 9.0.117 Older, unsupported versi...
Expected Behavior Violation in Apache Tomcat
GHSA-9hg2-395j-83rm CVE-2017-5651 CRITICAL published about 4 years ago • updated 22 days ago
In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file process...
View all 57 advisories
Recent PRs
RSS Feed
Bump org.apache.tomcat.embed:tomcat-embed-core from 7.0.52 to 9.0.118

flyingkatsudon/insight-board #46

7.0.52 → 9.0.118 Major PR
Closed 10 days ago 1 comment
flyingkatsudon
Bump the maven group across 2 directories with 3 updates

bedrin/kerb4j #96

10.1.15 → 10.1.54 Patch PR
Closed 11 days ago 3 comments
bedrin
Bump org.apache.tomcat.embed:tomcat-embed-core from 10.1.54 to 10.1.55 in /javamelody-for-standalone

javamelody/javamelody #1304

10.1.54 → 10.1.55 Patch PR
Closed 12 days ago 2 comments
javamelody
Bump org.apache.tomcat.embed:tomcat-embed-core from 10.1.54 to 10.1.55 in /javamelody-offline-viewer

javamelody/javamelody #1303

10.1.54 → 10.1.55 Patch PR
Closed 12 days ago 2 comments
javamelody
Bump org.apache.tomcat.embed:tomcat-embed-core from 11.0.20 to 11.0.22

companieshouse/registers-data-api #21

11.0.20 → 11.0.22 Patch PR
Open 12 days ago 2 comments
companieshouse
Bump the maven group across 7 directories with 16 updates

vishakha-mali/dubbo #7

8.5.100 → 9.0.117 Major PR
Closed 12 days ago 1 comment
vishakha-mali
chore(deps): bump org.apache.tomcat.embed:tomcat-embed-core from 10.1.54 to 10.1.55 in /backend in the all-backend-non-major-dependencies group across 1 directory

digitalservicebund/ris-norms #2317

10.1.54 → 10.1.55 Patch PR
Closed 19 days ago 1 comment
digitalservicebund
chore(deps): Bump the all-dependencies group across 1 directory with 3 updates

bjcoombs/spring-boot-template #7

11.0.21 → 11.0.22 Patch PR
Closed 19 days ago 1 comment
bjcoombs
chore(deps): bump org.apache.tomcat.embed:tomcat-embed-core from 11.0.21 to 11.0.22

ChrisSamo632/bedding-plants #288

11.0.21 → 11.0.22 Patch PR
Open 20 days ago 2 comments
ChrisSamo632
build(deps): bump org.apache.tomcat.embed:tomcat-embed-core from 11.0.21 to 11.0.22

anyulled/superhero-battle-arena #93

11.0.21 → 11.0.22 Patch PR
Open 20 days ago 3 comments
anyulled
Bump the backend-prod group across 1 directory with 4 updates

OpenConext/openconext-saml-java #23

11.0.21 → 11.0.22 Patch PR
Closed 25 days ago 1 comment
OpenConext
Bump org.apache.tomcat.embed:tomcat-embed-core from 11.0.21 to 11.0.22 in /pgp-keys-map-test1

s4u/pgp-keys-map #3466

11.0.21 → 11.0.22 Patch PR
Closed 25 days ago 1 comment
s4u
Bump the maven group across 18 directories with 24 updates

abrahem79/glowroot #5

7.0.109 → 9.0.117 Major PR
Open about 1 month ago 2 comments
abrahem79
Bump the maven group across 11 directories with 16 updates

GizzZmo/dubbo #4

8.5.87 → 9.0.117 Major PR
Closed about 1 month ago 1 comment
GizzZmo
Bump org.apache.tomcat.embed:tomcat-embed-core from 10.1.42 to 10.1.54 in /jag-ccd-application

bcgov/jag-ccd #251

10.1.42 → 10.1.54 Patch PR
Closed about 1 month ago 1 comment
bcgov
deps: bump the maven-dependencies group with 6 updates

jka2498/bom-migrate #45

10.1.53 → 11.0.21 Major PR
Closed about 1 month ago 1 comment
jka2498
Bump the maven group across 4 directories with 18 updates

jadenblack/product-ei #9

7.0.85 → 9.0.117 Major PR
Open about 2 months ago 2 comments
jadenblack
Bump the maven group across 12 directories with 10 updates

AKJUS/YCSB #59

8.0.28 → 9.0.117 Major PR
Open about 2 months ago 1 comment
AKJUS
Bump org.apache.tomcat.embed:tomcat-embed-core from 7.0.109 to 9.0.117 in /redisson-tomcat/redisson-tomcat-7

redisson/redisson #7044

7.0.109 → 9.0.117 Major PR
Closed about 2 months ago 1 comment
redisson
Bump org.apache.tomcat.embed:tomcat-embed-core from 11.0.14 to 11.0.21

companieshouse/orders.api.ch.gov.uk #210

11.0.14 → 11.0.21 Patch PR
Open about 2 months ago 2 comments
companieshouse
Bump org.apache.tomcat.embed:tomcat-embed-core from 8.5.99 to 9.0.117 in /agent/agent-sentinel

FrankChen021/bithon #1177

8.5.99 → 9.0.117 Major PR
Closed about 2 months ago 1 comment
FrankChen021
Bump org.apache.tomcat.embed:tomcat-embed-core from 10.1.45 to 10.1.54 in /forms-flow-bpm

AOT-Technologies/forms-flow-ai #3260

10.1.45 → 10.1.54 Patch PR
Open about 2 months ago 3 comments
AOT-Technologies
chore(deps): bump org.apache.tomcat.embed:tomcat-embed-core from 10.1.50 to 10.1.54

cds-snc/dto-feedback-viewer #53

10.1.50 → 10.1.54 Patch PR
Closed about 2 months ago 1 comment
cds-snc
Bump org.apache.tomcat.embed:tomcat-embed-core from 11.0.18 to 11.0.21 in /redisson-tomcat/redisson-tomcat-11

redisson/redisson #7041

11.0.18 → 11.0.21 Patch PR
Closed about 2 months ago 1 comment
redisson
Bump org.apache.tomcat.embed:tomcat-embed-core from 11.0.18 to 11.0.21

companieshouse/disqualified-officers-delta-consumer #95

11.0.18 → 11.0.21 Patch PR
Open about 2 months ago 2 comments
companieshouse
Bump org.apache.tomcat.embed:tomcat-embed-core from 11.0.18 to 11.0.21

companieshouse/customer-feedback-api #55

11.0.18 → 11.0.21 Patch PR
Closed about 2 months ago 3 comments
companieshouse
Bump org.apache.tomcat.embed:tomcat-embed-core from 10.1.52 to 10.1.54

skjolber/mockito-rest-spring #66

10.1.52 → 10.1.54 Patch PR
Open about 2 months ago 1 comment
skjolber
Bump org.apache.tomcat.embed:tomcat-embed-core from 11.0.18 to 11.0.21

companieshouse/chs-notification-kafka-consumer #109

11.0.18 → 11.0.21 Patch PR
Open about 2 months ago 2 comments
companieshouse
chore(deps): Bump org.apache.tomcat.embed:tomcat-embed-core from 9.0.115 to 9.0.117 in /waitt-tomcat9

kawasima/waitt #92

9.0.115 → 9.0.117 Patch PR
Closed about 2 months ago 2 comments
kawasima
Bump the maven group across 12 directories with 10 updates

ljishen/YCSB #6

8.0.28 → 9.0.116 Major PR
Closed about 2 months ago 1 comment
ljishen
Bump org.apache.tomcat.embed:tomcat-embed-core from 9.0.102 to 9.0.116

Mastercard/promotions-digital-enablement-reference-app #55

9.0.102 → 9.0.116 Patch PR
Closed about 2 months ago 1 comment
Mastercard
Bump the maven group across 7 directories with 16 updates

vishakha-mali/dubbo #2

8.5.100 → 9.0.115 Major PR
Closed about 2 months ago 1 comment
vishakha-mali
Bump the maven group across 4 directories with 17 updates

jadenblack/product-ei #6

7.0.85 → 9.0.115 Major PR
Closed about 2 months ago 2 comments
jadenblack
build(deps): bump org.apache.tomcat.embed:tomcat-embed-core from 10.1.52 to 11.0.21

Activiti/Activiti #5365

10.1.52 → 11.0.21 Major PR
Closed about 2 months ago 2 comments
Activiti
Bump the gradle-updates group across 1 directory with 14 updates

ministryofjustice/laa-fee-scheme-api #310

11.0.18 → 11.0.20 Patch PR
Closed 2 months ago 1 comment
ministryofjustice
build(deps): bump org.apache.tomcat.embed:tomcat-embed-core from 11.0.15 to 11.0.20

Crown-Commercial-Service/ccs-scale-agreements-service #491

11.0.15 → 11.0.20 Patch PR
Open 2 months ago 1 comment
Crown-Commercial-Service
build(deps): bump org.apache.tomcat.embed:tomcat-embed-core from 10.1.50 to 10.1.52

cds-snc/dto-feedback-viewer #50

10.1.50 → 10.1.52 Patch PR
Closed 2 months ago 1 comment
cds-snc
Bump org.apache.tomcat.embed:tomcat-embed-core from 10.1.50 to 10.1.52 in /javamelody-offline-viewer

javamelody/javamelody #1288

10.1.50 → 10.1.52 Patch PR
Closed 2 months ago 1 comment
javamelody
build(deps): bump org.apache.tomcat.embed:tomcat-embed-core from 10.1.49 to 10.1.52 in /rdepot-app

openanalytics/RDepot #10

10.1.49 → 10.1.52 Patch PR
Closed 2 months ago 1 comment
openanalytics
chore(deps): Bump org.apache.tomcat.embed:tomcat-embed-core from 10.1.47 to 10.1.52

BeatrixZselezny/patchy-core #10

10.1.47 → 10.1.52 Patch PR
Closed 2 months ago 1 comment
BeatrixZselezny
Bump org.apache.tomcat.embed:tomcat-embed-core from 9.0.113 to 9.0.115

wso2/product-is #27177

9.0.113 → 9.0.115 Patch PR
Closed 2 months ago 2 comments
wso2
chore(deps): bump org.apache.tomcat.embed:tomcat-embed-core from 10.1.35 to 10.1.52

nanotecnologista/api-social-meli #26

10.1.35 → 10.1.52 Patch PR
Closed 2 months ago 1 comment
nanotecnologista
Bump org.apache.tomcat.embed:tomcat-embed-core from 10.1.28 to 10.1.52 in /jag-staffnet-biometrics-application

bcgov/jag-staffnet #72

10.1.28 → 10.1.52 Patch PR
Closed 2 months ago 1 comment
bcgov
Bump org.apache.tomcat.embed:tomcat-embed-core from 11.0.14 to 11.0.18

companieshouse/orders.api.ch.gov.uk #209

11.0.14 → 11.0.18 Patch PR
Open 2 months ago 2 comments
companieshouse
Bump org.apache.tomcat.embed:tomcat-embed-core from 11.0.14 to 11.0.18 in /sample-jndi

yoloz/samples-java #46

11.0.14 → 11.0.18 Patch PR
Closed 2 months ago 1 comment
yoloz
build(deps): bump org.apache.tomcat.embed:tomcat-embed-core from 9.0.90 to 9.0.115

testingisdocumenting/webtau #1667

9.0.90 → 9.0.115 Patch PR
Closed 2 months ago 1 comment
testingisdocumenting
chore(deps): bump org.apache.tomcat.embed:tomcat-embed-core from 9.0.113 to 9.0.115 in /backend in the maven group across 1 directory

infinite-kube/dependa-repo-config-demo #53

9.0.113 → 9.0.115 Patch PR
Closed 2 months ago 5 comments
infinite-kube
Bump org.apache.tomcat.embed:tomcat-embed-core from 9.0.107 to 9.0.115 in /com.tugalsan.java.core.tomcat.embedded.gwt

tugalsan/com.tugalsan.java.core_public #9

9.0.107 → 9.0.115 Patch PR
Closed 2 months ago 1 comment
tugalsan
chore(deps): Bump org.apache.tomcat.embed:tomcat-embed-core from 11.0.12 to 11.0.18

T1WiLLi/Jolt #236

11.0.12 → 11.0.18 Patch PR
Closed 2 months ago 1 comment
T1WiLLi
Bump org.apache.tomcat.embed:tomcat-embed-core from 11.0.10 to 11.0.18

companieshouse/authcode-changed-consumer #29

11.0.10 → 11.0.18 Patch PR
Open 2 months ago 2 comments
companieshouse
Package Details
Name: org.apache.tomcat.embed:tomcat-embed-core
Ecosystem: maven
PURL Type: maven
Package URL: pkg:maven/org.apache.tomcat.embed:tomcat-embed-core
JSON API: View JSON
Security Advisories

57

Active advisories
CRITICAL 7
HIGH 27
MODERATE 18
LOW 5
View All maven Advisories
Package Information
Description:

Core Tomcat implementation

Repository:
Homepage: https://tomcat.apache.org/
Latest Release: 11.0.1
over 1 year ago
Dependent Repos: 14,197
Dependent Packages: 1,044
Ranking: Top 0.0609% by dependent repos Top 0.0709% by dependent pkgs
PR Status
Open 299 (41.2%)
Merged 113 (15.6%)
Closed 250 (34.4%)
PR Types
Major 81 (11.2%)
Minor 5 (0.7%)
Patch 576 (79.3%)