Apache Tomcat 10.1.50 < 10.1.53 multiple vulnerabilities

Published: 17 Apr 2026 00:00:00
Reported by: Tenable
Type: nessus
Source: www.tenable.com

Tomcat before 10.1.53 has multiple vulnerabilities including client certificate bypass, input validation issues, padding oracle, cipher order problems, and open redirect.

Related (IBM Security Bulletins, reporter: ibm)

27 May 2026: Security Bulletin: Multiple Vulnerabilities in IBM DataStax Enterprise
30 Apr 2026: Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for April 2026
13 May 2026: Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in tomcat-embed-core-11.0.18.jar
28 Apr 2026: Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in tomcat-embed-core-9.0.110.jar
14 May 2026: Security Bulletin: IBM Integration Bus for z/OS is vulnerable to multiple vulnerabilities due to Apache Tomcat
4 May 2026: Security Bulletin: Vulnerabilities in Apache Tomcat and Lodash might affect IBM Storage Defender Copy Data Management
31 Mar 2026: Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining 2.1.1
8 Apr 2026: Security Bulletin: Due to the use of Apache Tomcat and mchange-commons-java, IBM ApplinX is vulnerable to Improper Input Validation vulnerabilities (CVE-2025-66614, CVE-2026-24733, CVE-2026-24734) and an 'Injection' vulnerability (CVE-2026-27727).
27 Apr 2026: Security Bulletin: Maximo AI Service uses multiple third-party dependencies that are vulnerable to multiple CVEs.
25 Mar 2026: Security Bulletin: IBM DevOps Build addresses multiple vulnerabilities.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(307001);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/04/17");

  script_cve_id(
    "CVE-2026-24880",
    "CVE-2026-25854",
    "CVE-2026-29129",
    "CVE-2026-29145",
    "CVE-2026-29146",
    "CVE-2026-32990"
  );

  script_name(english:"Apache Tomcat 10.1.50 < 10.1.53 multiple vulnerabilities");

  script_set_attribute(attribute:"synopsis", value:
"The remote Apache Tomcat server is affected by multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"The version of Tomcat installed on the remote host is prior to 10.1.53. It is, therefore, affected by multiple
vulnerabilities as referenced in the fixed_in_apache_tomcat_10.1.53_security-10 advisory.

  - CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled
    vulnerability in Apache Tomcat, Apache Tomcat Native. This issue affects Apache Tomcat: from 11.0.0-M1
    through 11.0.18, from 10.1.0-M7 through 10.1.52, from 9.0.83 through 9.0.115; Apache Tomcat Native: from
    1.1.23 through 1.1.34, from 1.2.0 through 1.2.39, from 1.3.0 through 1.3.6, from 2.0.0 through 2.0.13.
    Users are recommended to upgrade to version Tomcat Native 1.3.7 or 2.0.14 and Tomcat 11.0.20, 10.1.53 and
    9.0.116, which fix the issue. (CVE-2026-29145)

  - Improper Input Validation vulnerability in Apache Tomcat due to an incomplete fix of CVE-2025-66614. This
    issue affects Apache Tomcat: from 11.0.15 through 11.0.19, from 10.1.50 through 10.1.52, from 9.0.113
    through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the
    issue. (CVE-2026-32990)

  - Padding Oracle vulnerability in Apache Tomcat's EncryptInterceptor with default configuration. This issue
    affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.0.0-M1 through 10.1.52, from 9.0.13 through
    9.0.115, from 8.5.38 through 8.5.100, from 7.0.100 through 7.0.109. Users are recommended to upgrade to
    version 11.0.19, 10.1.53 and 9.0.116, which fix the issue. (CVE-2026-29146)

  - Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache
    Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0.115. Users
    are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the issue. (CVE-2026-29129)

  - Occasional URL redirection to untrusted Site ('Open Redirect') vulnerability in Apache Tomcat via the
    LoadBalancerDrainingValve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from
    10.1.0-M1 through 10.1.52, from 9.0.0.M23 through 9.0.115, from 8.5.30 through 8.5.100. Other, unsupported
    versions may also be affected. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116,
    which fix the issue. (CVE-2026-25854)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  # https://github.com/apache/tomcat/commit/4d0615a5c718c260d6d4e0b944a050f09a490c02
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9e693762");
  # https://github.com/apache/tomcat/commit/607ebc0fa522bd9e8c05517baa2d179bbd1e659c
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?21dea794");
  # https://github.com/apache/tomcat/commit/fe26667cd2385045ac73f4dea086cc9971209b90
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?cf236728");
  # https://github.com/apache/tomcat/commit/8d69b33764dba81dce89e3a768de6093a35620ae
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?7778a236");
  # https://github.com/apache/tomcat/commit/5fb910f9a9dafa37a0c0965a1bd62a21dcf437f2
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b7fd3e23");
  # https://github.com/apache/tomcat/commit/f07df938d00f7419b40fa65aa912966d0efac522
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4063477b");
  # https://github.com/apache/tomcat/commit/1e71441a15972f56e661b0b549fb9e5d838b83bb
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5d9be7dd");
  # https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?2b9e7006");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Apache Tomcat version 10.1.53 or later.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N");
  script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:P");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-29145");
  script_set_attribute(attribute:"cvss4_score_source", value:"CVE-2026-29146");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2026/03/20");
  script_set_attribute(attribute:"patch_publication_date", value:"2026/03/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/04/17");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:apache:tomcat:10");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Web Servers");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("os_fingerprint.nasl", "tomcat_error_version.nasl", "tomcat_win_installed.nbin", "apache_tomcat_nix_installed.nbin");
  script_require_keys("installed_sw/Apache Tomcat");

  exit(0);
}

include('vcf_extras.inc');

vcf::tomcat::initialize();
var app_info = vcf::combined_get_app_info(app:'Apache Tomcat');

var constraints = [
  { 'min_version' : '10.1.50', 'max_version' : '10.1.52', 'fixed_version' : '10.1.53' }
];

vcf::check_all_backporting(app_info:app_info);
vcf::check_granularity(app_info:app_info, sig_segments:3);
vcf::check_version_and_report(
    app_info:app_info,
    constraints:constraints,
    severity:SECURITY_HOLE
);
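The plugin above only decides "10.1.50 through 10.1.52 is bad, 10.1.53 is fixed" for one branch. As an added example, not part of the Tenable plugin or of the Tomcat project, the Python below applies every per-CVE affected range quoted in the description to an arbitrary Tomcat version string, including the milestone forms (10.1.0-M7, 9.0.0.M23, 11.0.0-M1) those ranges use, and reads the self-reported version out of `bin/version.sh` output. The `version.sh` text embedded below is a constructed sample, the range table is copied from the description paragraphs (CVE-2026-24880 is in the plugin's CVE list but has no range on this page, so it is left out), and the granularity rule (three numeric segments required) mirrors the plugin's `check_granularity(sig_segments:3)`. Like the plugin, it trusts the reported version and knows nothing about distribution backports.

```python
import re

# Tomcat version forms that appear in the advisory text: "10.1.53",
# "10.1.0-M7", "9.0.0.M23", "11.0.0-M1". A milestone build sorts before the
# final release of the same x.y.z (10.1.0-M7 < 10.1.0).
_VERSION_RE = re.compile(r'^(\d+)\.(\d+)\.(\d+)(?:[.-]M(\d+))?$')


def parse_version(text):
    """Turn a Tomcat version string into a comparable tuple.

    Returns (major, minor, patch, is_final, milestone): a final release has
    is_final=1 so it orders after every milestone of the same x.y.z.
    Strings without three numeric segments are rejected, mirroring the
    plugin's check_granularity(sig_segments:3): a bare "10.1" cannot be
    placed inside or outside a range that ends at 10.1.52.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError('unsupported Tomcat version string: %r' % text)
    major, minor, patch, milestone = m.groups()
    if milestone is None:
        return (int(major), int(minor), int(patch), 1, 0)
    return (int(major), int(minor), int(patch), 0, int(milestone))


# Inclusive affected ranges copied from the description paragraphs above.
# CVE-2026-24880 has no range on this page and is deliberately absent.
AFFECTED_RANGES = {
    'CVE-2026-29145': [('11.0.0-M1', '11.0.18'), ('10.1.0-M7', '10.1.52'),
                       ('9.0.83', '9.0.115')],
    'CVE-2026-32990': [('11.0.15', '11.0.19'), ('10.1.50', '10.1.52'),
                       ('9.0.113', '9.0.115')],
    'CVE-2026-29146': [('11.0.0-M1', '11.0.18'), ('10.0.0-M1', '10.1.52'),
                       ('9.0.13', '9.0.115'), ('8.5.38', '8.5.100'),
                       ('7.0.100', '7.0.109')],
    'CVE-2026-29129': [('11.0.16', '11.0.18'), ('10.1.51', '10.1.52'),
                       ('9.0.114', '9.0.115')],
    'CVE-2026-25854': [('11.0.0-M1', '11.0.18'), ('10.1.0-M1', '10.1.52'),
                       ('9.0.0.M23', '9.0.115'), ('8.5.30', '8.5.100')],
}


def affected_cves(version):
    """Return the sorted CVE ids whose listed ranges contain `version`."""
    v = parse_version(version)
    hits = []
    for cve, ranges in AFFECTED_RANGES.items():
        if any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in ranges):
            hits.append(cve)
    return sorted(hits)


def plugin_constraint_matches(version):
    """The plugin's own test: 10.1.50 <= version <= 10.1.52 (fixed in 10.1.53)."""
    v = parse_version(version)
    return parse_version('10.1.50') <= v <= parse_version('10.1.52')


def version_from_version_sh(output):
    """Pull the Tomcat version out of `bin/version.sh` output.

    The script prints a "Server version: Apache Tomcat/x.y.z" line; that is
    the self-reported number the plugin relies on as well, so a build that
    carries backported fixes without a version bump is still flagged.
    """
    m = re.search(r'^Server version:\s*Apache Tomcat/(\S+)', output, re.MULTILINE)
    if not m:
        raise ValueError('no "Server version" line found')
    return m.group(1)


# Constructed sample of version.sh output for a vulnerable build (not real).
SAMPLE_VERSION_SH = """Using CATALINA_BASE:   /opt/tomcat
Using CATALINA_HOME:   /opt/tomcat
Server version: Apache Tomcat/10.1.52
Server built:   (constructed sample)
Server number:  10.1.52.0
OS Name:        Linux
"""

if __name__ == '__main__':
    for candidate in ('10.1.49', '10.1.0-M3', '10.1.52', '10.1.53', '9.0.0.M23', '8.5.100'):
        print(candidate, affected_cves(candidate), plugin_constraint_matches(candidate))
    found = version_from_version_sh(SAMPLE_VERSION_SH)
    print('version.sh reports', found, '->', affected_cves(found))
```

Note that 10.1.49 is outside the plugin's constraint but still inside the listed ranges for three of the CVEs; the plugin's lower bound reflects Tenable's choice to cover only 10.1.50 through 10.1.52 in this check, not the full extent of the affected versions.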


Scores (current as of 17 Apr 2026 00:00)
Vulners AI Score: 6.4 (medium risk)
CVSS 3.1: 9.1
EPSS: 0.12919
SSVC: 3