Analyzed
1 day
ago.
based on code collected
1 day
ago.
Project Summary
The Apache Tomcat software is an open source implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies.
In a Nutshell, Apache Tomcat...
- ...
- ...
-
...
has a well established, mature codebase
maintained by a very large development team
with stable Y-O-Y commits -
...
took an estimated 130 years of effort (COCOMO model)
starting with its first commit in March, 2006
ending with its most recent commit 2 days ago
Quick Reference
Organization:
https://github.com/apache/tomcat
Apache License 2.0
Permitted
Commercial Use
Modify
Distribute
Place Warranty
Sub-License
Private Use
Use Patent Claims
Forbidden
Hold Liable
Use Trademarks
Required
Include Copyright
State Changes
Include License
Include Notice
These details are provided for information only. No information here is legal advice and should not be used as such.
Project Security
Vulnerabilities per Version ( last 10 releases )
There are no reported vulnerabilities
Project Vulnerability Report
Security Confidence Index
Poor security track-record
Favorable security track-record
Vulnerability Exposure Index
Many reported vulnerabilities
Few reported vulnerabilities
Did You Know...
-
...
65% of companies leverage OSS to speed application development in 2016
-
...
you can subscribe to e-mail newsletters to receive update from the Open Hub blog
-
...
use of OSS increased in 65% of companies in 2016
-
...
compare projects before you chose one to use
30 Day SummaryDec 17 2025 — Jan 16 2026
|
12 Month SummaryJan 16 2025 — Jan 16 2026
|
Static Analysis ( Generated by Coverity Scan for Apache Tomcat )
Repository URL: https://github.com/apache/tomcat
Version: 12.0.x\ -\ 40dff11cd5391f2bb18421c44c14aba1874de8a7
- 2026-01-11
- Last Analyzed
- 250,969
- Lines of Code Analyze
- 0.01
- Defect Density
Defects by status for current build
- 1,332
- Total defects
- 3
- Outstanding
- 866
- Fixed
CWE Top 25 defects
No top 25 CWE defects were found.