OESA-2024-2564 tomcat security update

🗓️ 20 Dec 2024 01:42:52Reported by GoogleType

osv🔗 osv.dev👁 6 Views

Tomcat security update fixes JSP TOCTOU race causing remote code execution and DoS from the examples app; upgrade to 11.0.2, 10.1.34, or 9.0.98.

Reporter	Title	Published	Views	Family All 335
GithubExploit	Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apache Tomcat	20 Dec 202421:30	–	githubexploit
GithubExploit	Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apache Tomcat	19 Dec 202402:43	–	githubexploit
GithubExploit	Exploit for CVE-2025-55752	29 Oct 202508:27	–	githubexploit
GithubExploit	Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apache Tomcat	23 Dec 202414:11	–	githubexploit
GithubExploit	Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apache Tomcat	25 Dec 202418:42	–	githubexploit
GithubExploit	Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apache Tomcat	18 Dec 202419:53	–	githubexploit
GithubExploit	Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apache Tomcat	30 Mar 202517:15	–	githubexploit
GithubExploit	Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apache Tomcat	20 Dec 202405:24	–	githubexploit
GithubExploit	Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apache Tomcat	21 Dec 202405:54	–	githubexploit
GithubExploit	Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apache Tomcat	23 Dec 202407:20	–	githubexploit

Source	Link
openeuler	www.openeuler.org/zh/security/security-bulletins/detail/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-50379
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-54677

03 Sep 2025 06:20Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.19.8

EPSS0.84587

SSVC