logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2021-25329

Description

The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.


Affected Software


CPE Name Name Version
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 9.0.0
apache:tomcat apache tomcat 10.0.0
apache:tomcat apache tomcat 7.0.107
apache:tomcat apache tomcat 8.5.61
apache:tomcat apache tomcat 9.0.41
apache:tomcat apache tomcat 10.0.0
apache:tomcat apache tomcat 10.0.0
apache:tomcat apache tomcat 10.0.0
apache:tomcat apache tomcat 10.0.0
apache:tomcat apache tomcat 10.0.0
apache:tomcat apache tomcat 10.0.0
apache:tomcat apache tomcat 10.0.0
apache:tomcat apache tomcat 10.0.0
apache:tomcat apache tomcat 10.0.0
apache:tomcat apache tomcat 10.0.0
debian:debian_linux debian debian linux 9.0
debian:debian_linux debian debian linux 10.0
oracle:managed_file_transfer oracle managed file transfer 12.2.1.3.0
oracle:instantis_enterprisetrack oracle instantis enterprisetrack 17.1
oracle:instantis_enterprisetrack oracle instantis enterprisetrack 17.2
oracle:instantis_enterprisetrack oracle instantis enterprisetrack 17.3
oracle:agile_plm oracle agile plm 9.3.3
oracle:agile_plm oracle agile plm 9.3.6
oracle:database oracle database 12.2.0.1
oracle:database oracle database 19c
oracle:managed_file_transfer oracle managed file transfer 12.2.1.4.0
oracle:communications_cloud_native_core_policy oracle communications cloud native core policy 1.14.0
oracle:communications_cloud_native_core_security_edge_protection_proxy oracle communications cloud native core security edge protection proxy 1.6.0
oracle:communications_instant_messaging_server oracle communications instant messaging server 10.0.1.5.0
oracle:database oracle database 21c
oracle:graph_server_and_client oracle graph server and client 21.3.0
oracle:mysql_enterprise_monitor oracle mysql enterprise monitor 8.0.23
oracle:siebel_ui_framework oracle siebel ui framework 21.9
oracle:siebel_ui_framework oracle siebel ui framework 21.9

Related