Lucene search
K

9 matches found

F5 Networks
F5 Networks
added 2026/06/05 3:17 p.m.14 views

K000161603: Apache Tomcat vulnerability CVE-2026-32990

Security Advisory Description Improper Input Validation vulnerability in Apache Tomcat due to an incomplete fix of CVE-2025-66614. This issue affects Apache Tomcat: from 11.0.15 through 11.0.19, from 10.1.50 through 10.1.52, from 9.0.113 through 9.0.115. Users are recommended to upgrade to versio...

5.3CVSS5.8AI score0.00307EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVE
added 2026/04/10 11:25 p.m.7 views

SUSE CVE-2026-34486

Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the...

7.5CVSS5.8AI score0.15831EPSS
Exploits5References12
OSV
OSV
added 2026/04/09 8:16 p.m.6 views

UBUNTU-CVE-2026-34487

Insertion of Sensitive Information into Log File vulnerability in the cloud membership for clustering component of Apache Tomcat exposed the Kubernetes bearer token. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.20, from 10.1.0-M1 through 10.1.53, from 9.0.13 through 9.0.116. User...

7.5CVSS5.8AI score0.00447EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/09 7:13 p.m.35 views

CVE-2026-25854 Apache Tomcat: Occasionally open redirect

Occasional URL redirection to untrusted Site 'Open Redirect' vulnerability in Apache Tomcat via the LoadBalancerDrainingValve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M1 through 10.1.52, from 9.0.0.M23 through 9.0.115, from 8.5.30 through 8.5.100. Other,...

0.00526EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.6 views

TencentOS Server 4: tomcat (TSSA-2025:0736)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0736 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.5CVSS7AI score0.03389EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/01 2:50 p.m.11 views

Security Bulletin: Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint, which affects IBM watsonx.data

Summary Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.6, from...

7.3CVSS6.7AI score0.02608EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/12 9:33 a.m.19 views

Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions.

Summary Multiple vulnerabilities were addressed in IBM Business Automation Manager Open Editions 8.0.8. Vulnerability Details CVEID:CVE-2025-53506 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that...

9.1CVSS9.7AI score0.63258EPSS
Exploits4Affected Software1
SUSE CVE
SUSE CVE
added 2025/06/17 2:18 a.m.5 views

SUSE CVE-2025-49125

Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat. When using PreResources or PostResources mounted other than at the root of the web application, it was possible to access those resources via an unexpected path. That path was likely not to be protected by th...

7.4CVSS7.6AI score0.03163EPSS
Exploits0References12
OSV
OSV
added 2025/06/16 3:15 p.m.3 views

UBUNTU-CVE-2025-48988

Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. The following versions were EOL at the time the CVE was created but are known to be...

7.5CVSS7.1AI score0.53228EPSS
Exploits1References7
Rows per page
Query Builder