Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43.
Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.
CVE ID: CVE-2024-21733
Vendor: Apache Software Foundation
Product: Apache Tomcat
EPSS Score: 0.53% (probability of being exploited)
EPSS Percentile: 77.29% (scored less or equal to compared to others)
EPSS Date: 2025-03-14 (when was this score calculated)