27 matches found

OSV
added 5 days ago, 9 views

ROOT-APP-MAVEN-CVE-2025-48989 CVE-2025-48989 in io.root.org.apache.tomcat:tomcat-coyote - Patched by Root

Root has patched CVE-2025-48989 in the io.root.org.apache.tomcat:tomcat-coyote package for Root:Maven. Multiple fixed versions available...

CVSS 7.5, AI score 6.9, EPSS 0.03389
Exploits 0

Tenable Nessus
added 2026/01/13 12:0 a.m., 7 views

MiracleLinux 9 : tomcat-9.0.87-3.el9_6.3 (AXSA:2025-10779:06)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10779:06 advisory. tomcat: Apache Tomcat DoS in multipart upload CVE-2025-48988 tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources CVE-2025-4912...

CVSS 7.5, AI score 7.6, EPSS 0.63258
Exploits 1, References 8

Tenable Nessus
added 2025/12/15 12:0 a.m., 9 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.0.1.10)

The version of AOS installed on the remote host is prior to 7.0.1.10. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.0.1.10 advisory. - Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely...

CVSS 9.8, AI score 6.9, EPSS 0.66933
Exploits 7, References 12

RedHat Linux
added 2025/12/09 3:25 p.m., 9 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 5.8.6 release and security update

An update is now available for Red Hat JBoss Web Server 5.8 on Red Hat Enterprise Linux versions 7, 8, and 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVSS 9.8, AI score 7, EPSS 0.66535
Exploits 5, References 5

Tenable Nessus
added 2025/12/02 12:0 a.m., 10 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.10.1.11)

The version of AOS installed on the remote host is prior to 6.10.1.11. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.10.1.11 advisory. - Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely...

CVSS 9.8, AI score 6.9, EPSS 0.66933
Exploits 7, References 12

F5 Networks
added 2025/11/13 5:15 p.m., 7 views

K000157302: Apache Tomcat vulnerability CVE-2025-48989

Security Advisory Description Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.9, from 10.1.0-M1 through 10.1.43 and from 9.0.0.M1 through 9.0.107. Older, EOL...

CVSS 7.5, AI score 7.2, EPSS 0.03389
Exploits 0, Affected Software 1

Tenable Nessus
added 2025/10/22 12:0 a.m., 11 views

TencentOS Server 3: tomcat (TSSA-2025:0797)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0797 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVSS 7.5, AI score 7.7, EPSS 0.63258
Exploits 1, References 8

Rosalinux
added 2025/10/14 2:33 p.m., 4 views

Advisory ROSA-SA-2025-3033

software: tomcat 9.0.37 WASP: ROSA-CHROME unaffected versions = tomcat-9.0.37-14 affected versions tomcat-9.0.37-14 CVE-ID: CVE-2025-48989 BDU-ID: 2025-09899 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the HTTP2 handler of the Apache Tomcat application server is related to incorrect resource...

CVSS 7.5, AI score 6.8, EPSS 0.03389
Exploits 0

Rockylinux
added 2025/10/03 7:56 p.m., 6 views

tomcat9 security update

An update is available for tomcat9. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Tomcat is the servlet container that is used in the official Reference...

CVSS 7.5, AI score 7.8, EPSS 0.63258
Exploits 1

Amazon
added 2025/09/08 12:0 a.m., 2 views

Important: tomcat10

Issue Overview: Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.9, from 10.1.0-M1 through 10.1.43 and from 9.0.0.M1 through 9.0.107. Older, EOL versions may also...

CVSS 7.5, AI score 6.9, EPSS 0.03389
Exploits 0

OSV
added 2025/09/04 6:44 p.m., 3 views

CLSA-2025-1757011448 tomcat: Fix of CVE-2025-48989

CVE-2025-48989: fix improper resource shutdown vulnerability to prevent reset attack...

CVSS 7.5, AI score 7, EPSS 0.03389
Exploits 0, References 1

Amazon
added 2025/09/04 12:0 a.m., 3 views

Important: tomcat

Issue Overview: Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.9, from 10.1.0-M1 through 10.1.43 and from 9.0.0.M1 through 9.0.107. Older, EOL versions may also...

CVSS 7.5, AI score 7, EPSS 0.03389
Exploits 0

Tenable Nessus
added 2025/08/29 12:0 a.m., 3 views

SUSE SLES15: tomcat10 / tomcat10-admin-webapps / tomcat10-doc / etc (SUSE-SU-2025:03006-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03006-1 advisory. Updated to Tomcat 10.1.44: - CVE-2025-48989: Fixed 'MadeYouReset' DoS in HTTP/2 due to client triggered stream reset bsc12438...

CVSS 7.5, AI score 7.1, EPSS 0.03389
Exploits 0, References 4

SUSE Linux
added 2025/08/28 8:3 a.m., 2 views

Security update for tomcat10

This update for tomcat10 fixes the following issues: Updated to Tomcat 10.1.44: CVE-2025-48989: Fixed "MadeYouReset" DoS in HTTP/2 due to client triggered stream reset bsc1243895 Other fixes: Catalina Fix: Fix bloom filter population for archive indexing when using a packed WAR containing one or...

CVSS 8.7, AI score 7.3, EPSS 0.03389
Exploits 0, References 4

OSV
added 2025/08/27 11:57 a.m., 1 views

SUSE-SU-2025:02992-1 Security update for tomcat11

This update for tomcat11 fixes the following issues: Updated to Tomcat 11.0.10 - CVE-2025-48989: Fixed 'MadeYouReset' DoS in HTTP/2 due to client triggered stream reset bsc1243895 Other fixes: Catalina + Fix: Fix bloom filter population for archive indexing when using a packed WAR containing one ...

CVSS 7.5, AI score 7.4, EPSS 0.03389
Exploits 0, References 3

OPENSUSE Linux
added 2025/08/26 12:0 a.m., 2 views

tomcat10-10.1.44-1.1 on GA media (moderate)

tomcat10-10.1.44-1.1 on GA media Announcement ID: openSUSE-SU-2025:15490-1 Rating: moderate Cross-References: CVE-2025-48989 CVSS scores: CVE-2025-48989 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-48989 SUSE : 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:...

CVSS 8.7, AI score 7.3, EPSS 0.03389
Exploits 0

OPENSUSE Linux
added 2025/08/26 12:0 a.m., 2 views

tomcat11-11.0.10-1.1 on GA media (moderate)

tomcat11-11.0.10-1.1 on GA media Announcement ID: openSUSE-SU-2025:15491-1 Rating: moderate Cross-References: CVE-2025-48989 CVSS scores: CVE-2025-48989 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-48989 SUSE : 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:...

CVSS 8.7, AI score 7.3, EPSS 0.03389
Exploits 0

OPENSUSE Linux
added 2025/08/26 12:0 a.m., 3 views

tomcat-9.0.108-1.1 on GA media (moderate)

tomcat-9.0.108-1.1 on GA media Announcement ID: openSUSE-SU-2025:15489-1 Rating: moderate Cross-References: CVE-2025-48989 CVSS scores: CVE-2025-48989 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-48989 SUSE : 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N...

CVSS 8.7, AI score 7.3, EPSS 0.03389
Exploits 0

Tenable Nessus
added 2025/08/26 12:0 a.m., 7 views

Alibaba Cloud Linux 3 : 0142: tomcat (ALINUX3-SA-2025:0142)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0142 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-48976: Allocation of resources fo...

CVSS 7.5, AI score 7.7, EPSS 0.63258
Exploits 1, References 8

Tenable Nessus
added 2025/08/14 12:0 a.m., 4 views

Apache Tomcat 11.0.0.M1 < 11.0.10

The version of Tomcat installed on the remote host is prior to 11.0.10. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat11.0.10security-11 advisory. - Tomcat's HTTP/2 implementation was vulnerable to the made you reset attack. The denial of service typically...

CVSS 7.5, AI score 7, EPSS 0.03389
Exploits 0, References 3