19 matches found
MiracleLinux 9 : tomcat-9.0.87-3.el9_6.3 (AXSA:2025-10779:06)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10779:06 advisory. tomcat: Apache Tomcat DoS in multipart upload CVE-2025-48988 tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources CVE-2025-4912...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an interger overflow in Apache Tomcat [CVE-2025-52520]
Summary IBM Watson Speech Services Cartridge is vulnerable to a DOS in Apache Tomcat, due to an Integer Overflow vulnerability that could allow bypassing of size limits CVE-2025-52520. Apache Tomcat is used in our speech microservices. This vulnerabilitiy has been addressed. Please read the detai...
tomcat9 security update
An update is available for tomcat9. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Tomcat is the servlet container that is used in the official Reference...
Atlassian Jira Service Management Data Center and Server 5.12.x < 5.12.26 / 5.13.x < 10.3.9 / 10.4.x < 10.7.3 / 11.0.x < 11.0.1 DoS (JSDSERVER-16367)
The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16367 advisory. - For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache...
Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by a Denial Of Service Vulnerability in Apache Tomcat (CVE-2025-52520)
Summary IBM DevOps Deploy / IBM UrbanCode Deploy UCD is affected by a Denial Of Service Vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.8, 10.1.42, 9.0.106. Vulnerability Details CVEID:CVE-2025-52520 DESCRIPTION: For some unlikely configurations of multipart upload, an...
SUSE: Security Advisory (SUSE-SU-2025:02978-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2025-52520
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a DoS via bypassing of size limits. This...
Amazon Linux 2 : tomcat (ALAS-2025-2953)
The version of tomcat installed on the remote host is prior to 7.0.76-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2953 advisory. For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a DoS via...
Important: tomcat
Issue Overview: For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a DoS via bypassing of size limits. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106...
Photon OS 5.0: Apache PHSA-2025-5.0-0565
An update of the apache package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0565. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
OESA-2025-1895 tomcat security update
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Security Fixes: Concurrent Execution using Shar...
Debian: Security Advisory (DLA-4244-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-52520
For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a DoS via bypassing of size limits. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. The following...
Apache Tomcat 11.0.0.M1 < 11.0.9 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 11.0.9. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat11.0.9security-11 advisory. - The vulnerability exists due to overflow in file upload limit. A remote attacker can send specially...
CVE-2025-52520
creationtimestamp| type| source ---|---|--- 2025-07-09 15:58:37+00:00| seen| https://bsky.app/profile/thedailytechfeed.com/post/3ltk6n4cbyk2d 2025-07-10 18:09:14+00:00| seen| https://seclists.org/oss-sec/2025/q3/30 2025-07-10 20:26:07+00:00| seen|...
Apache Tomcat Multiple DoS Vulnerabilities (Jul 2025) - Linux
Apache Tomcat is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Apache Tomcat Multiple DoS Vulnerabilities (Jul 2025) - Windows
Apache Tomcat is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
KLA85813 Multiple vulnerabilities in Apache Tomcat
Multiple vulnerabilities were found in Apache Tomcat. Malicious users can exploit these vulnerabilities to cause denial of service. Original advisories Apache Tomcat 9.x vulnerabilities Related products Apache-Tomcat CVE list CVE-2025-52434 critical CVE-2025-52520 critical CVE-2025-53506 critical...
Fixed in Apache Tomcat 11.0.9
Low: DoS due to overflow in file upload limit CVE-2025-52520 For some unlikely configurations of multipart upload, an Integer Overflow vulnerability could lead to a DoS via bypassing of size limits. This was fixed with commit a51e4bed. This issue was reported to the Tomcat security team on 7 June...