Lucene search
K

44 matches found

OSV
OSV
added 2026/05/18 1:35 p.m.21 views

CLEANSTART-2026-MR27796 Security fixes for CVE-2022-23181, CVE-2022-29885, CVE-2022-34305, CVE-2022-42252, CVE-2022-45143, CVE-2023-24998, CVE-2023-28708, CVE-2025-31650, CVE-2025-31651 applied in versions: 10.1.53-r0, 9.0.58-r0, 9.0.63-r0, 9.0.64-r0, 9.0.68-r0, 9.0.70-r0, 9.0.71-r0, 9.0.73-r0, 9.0.80-r0

Multiple security vulnerabilities affect the tomcat10 package. These issues are resolved in later releases. See references for individual vulnerability details...

9.8CVSS7.5AI score0.73139EPSS
Exploits27References19
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/01 4:36 p.m.10 views

Security Bulletin: Vulnerabilities in Linux Kernel, MongoDB and Tomcat affect IBM Spectrum Protect Plus

Summary IBM Spectrum Protect Plus can be affected by vulnerabilities in MongoDB, Tomcat and Linux. Vulnerabilities include obtaining sensitive information, causing a denial of service condition, the elevation of privileges, remote execution of arbitrary code and bypassing security restrictions, a...

9.8CVSS7.2AI score0.66933EPSS
Exploits8Affected Software1
RedHat Linux
RedHat Linux
added 2026/02/16 11:56 a.m.21 views

Important: Red Hat Security Advisory: pki-deps:10.6 security update

An update for the pki-deps:10.6 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A...

9.8CVSS7.1AI score0.66535EPSS
Exploits5References3
RedHat Linux
RedHat Linux
added 2026/02/16 11:27 a.m.14 views

Important: Red Hat Security Advisory: pki-deps:10.6 security update

An update for the pki-deps:10.6 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

9.8CVSS7.1AI score0.66535EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.7 views

MiracleLinux 9 : tomcat-9.0.87-6.el9_7.1 (AXSA:2025-11556:10)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11556:10 advisory. tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve CVE-2025-31651 tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversa...

9.8CVSS7.9AI score0.66535EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2025/12/15 12:0 a.m.14 views

Alibaba Cloud Linux 3 : 0193: tomcat (ALINUX3-SA-2025:0193)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0193 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-31651: Improper Neutralization of...

9.8CVSS8.1AI score0.66535EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2025/12/15 12:0 a.m.10 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.0.1.10)

The version of AOS installed on the remote host is prior to 7.0.1.10. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.0.1.10 advisory. - Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely...

9.8CVSS6.9AI score0.66933EPSS
Exploits7References12
Tenable Nessus
Tenable Nessus
added 2025/12/12 12:0 a.m.10 views

AlmaLinux 8 : tomcat (ALSA-2025:23048)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23048 advisory. tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve CVE-2025-31651 tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via...

9.8CVSS7.9AI score0.66535EPSS
Exploits5References4
OSV
OSV
added 2025/12/11 9:7 a.m.18 views

RLSA-2025:23049 Important: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve CVE-2025-31651 tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE...

7.5CVSS7.9AI score0.66535EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2025/12/10 12:0 a.m.7 views

RHEL 8 : tomcat (RHSA-2025:23045)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23045 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Apache Tomcat:...

9.8CVSS8AI score0.66535EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2025/12/02 12:0 a.m.10 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.10.1.11)

The version of AOS installed on the remote host is prior to 6.10.1.11. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.10.1.11 advisory. - Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely...

9.8CVSS6.9AI score0.66933EPSS
Exploits7References12
RedHat Linux
RedHat Linux
added 2025/11/06 4:32 p.m.18 views

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 6.1.3 release and security update

Red Hat JBoss Web Server 6.1.3 is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives ...

9.8CVSS7AI score0.66535EPSS
Exploits5References6
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/25 11:51 a.m.19 views

Security Bulletin: Vulnerability in Apache Tomcat affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerabilities in Apache Tomcat has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

10CVSS8.1AI score0.99945EPSS
Exploits61Affected Software3
OpenVAS
OpenVAS
added 2025/07/22 12:0 a.m.11 views

Debian: Security Advisory (DLA-4244-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.66933EPSS
Exploits8References2
Tenable Nessus
Tenable Nessus
added 2025/06/27 12:0 a.m.6 views

SUSE SLES12 Security Update : tomcat (SUSE-SU-2025:01882-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:01882-1 advisory. - CVE-2025-31651: Better handling of URLs with literal ';' and '?' bsc1242009. Tenable has extracted the preceding description block directly from the...

9.8CVSS7.6AI score0.0418EPSS
Exploits1References4
OSV
OSV
added 2025/06/11 5:42 a.m.9 views

SUSE-SU-2025:01882-1 Security update for tomcat

This update for tomcat fixes the following issues: - CVE-2025-31651: Better handling of URLs with literal ';' and '?' bsc1242009...

9.8CVSS7.5AI score0.0418EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/05/30 12:0 a.m.13 views

SUSE SLES15: tomcat / tomcat-admin-webapps / tomcat-el-3_0-api / etc (SUSE-SU-2025:01521-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01521-1 advisory. Update to Tomcat 9.0.104 - CVE-2025-31650: invalid priority field values should be ignored bsc1242008 - CVE-2025-31651: Better...

9.8CVSS7.1AI score0.66933EPSS
Exploits6References7
OSV
OSV
added 2025/05/29 2:4 p.m.8 views

SUSE-SU-2025:01521-1 Security update for tomcat

This update for tomcat fixes the following issues: Update to Tomcat 9.0.104 - CVE-2025-31650: invalid priority field values should be ignored bsc1242008 - CVE-2025-31651: Better handling of URLs with literal ';' and '?' bsc1242009 Full changelog:...

9.8CVSS7.5AI score0.66933EPSS
Exploits6References5
F5 Networks
F5 Networks
added 2025/05/19 12:0 a.m.21 views

K000151411: Apache Tomcat vulnerability CVE-2025-31651

Security Advisory Description CVE-2025-31650 Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger a...

9.8CVSS9.3AI score0.66933EPSS
Exploits6Affected Software36
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/16 8:6 a.m.31 views

Security Bulletin: Due to the use of Apache Tomcat, IBM ApplinX is vulnerable to an Improper Encoding or Escaping of Output vulnerability (CVE-2025-31651) and an Improper Input Validation vulnerability (CVE-2025-31651).

Summary Due to the use of Apache Tomcat, IBM ApplinX is vulnerable to an Improper Encoding or Escaping of Output vulnerability CVE-2025-31651 and an Improper Input Validation vulnerability CVE-2025-31651. Apache Tomcat has been updated within IBM ApplinX in order to address the vulnerabilities...

9.8CVSS7.1AI score0.66933EPSS
Exploits6Affected Software1
Rows per page
Query Builder