SUSE SLES12 Security Update : tomcat (SUSE-SU-2026:2299-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2299-1 advisory. This update for tomcat fixes the following issues Update to Tomcat 9.0.118: - CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handli...

Security update for tomcat

This update for tomcat fixes the following issues Update to Tomcat 9.0.118: CVE-2026-41284: Unbounded read in WebDAV LOCK and PROPFIND handling bsc1265162. CVE-2026-41293: HTTP/2 request headers not validated bsc1265163. CVE-2026-42498: WebSocket authentication header exposure bsc1265165...

tomcat11-11.0.22-1.1 on GA media (moderate)

tomcat11-11.0.22-1.1 on GA media Announcement ID: openSUSE-SU-2026:10927-1 Rating: moderate Cross-References: CVE-2026-41284 CVE-2026-41293 CVE-2026-42498 CVE-2026-43512 CVE-2026-43513 CVE-2026-43514 CVE-2026-43515 CVSS scores: CVE-2026-41284 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:...

tomcat10-10.1.55-1.1 on GA media (moderate)

tomcat10-10.1.55-1.1 on GA media Announcement ID: openSUSE-SU-2026:10926-1 Rating: moderate Cross-References: CVE-2026-41284 CVE-2026-41293 CVE-2026-42498 CVE-2026-43512 CVE-2026-43513 CVE-2026-43514 CVE-2026-43515 CVSS scores: CVE-2026-41284 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:...

geronimo:geronimo-tomcat (>=1.0 <=1.1.1), geronimo:geronimo-tomcat-builder (>=1.0 <=1.1.1) +17 more potentially affected by CVE-2026-41293 via tomcat:tomcat-coyote (>=5.5.15 <=5.5.9)

tomcat:tomcat-coyote MAVEN version =5.5.15, =1.0, =1.0, =1.1.1 - geronimo:tomcat =1.0 - org.apache.geronimo.assemblies:geronimo-tomcat-minimal =1.2-beta - org.apache.geronimo.configs:ca-helper-tomcat =1.2-beta - org.apache.geronimo.configs:dojo-tomcat =1.2-beta -...

br.com.arsmachina:tapestry-url-rewriter (>=1.0.1 <=2.0.0), com.butor:butor-mule (>=1.0.3 <=1.0.18) +167 more potentially affected by CVE-2026-41293 via org.apache.tomcat:coyote (>=6.0.13 <=6.0.53)

org.apache.tomcat:coyote MAVEN version =6.0.13, =1.0.1, =1.0.3, =1.5, =1.8.2, =1.40, =1.40, =1.40, =2.3.0, =2.3.0, =1.0.b1, =20250815, =20260429 and more Source cves: CVE-2026-41293 Source advisory: SNYK:JAVA-ORGAPACHETOMCAT-16691219...

CVE-2026-41293

creationtimestamp| type| source ---|---|--- 2026-05-12 17:15:01+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mloc2ajsvu2j...

UBUNTU-CVE-2026-41293

Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 10.0.0-M1 through 10.0.27. Older, end of support versions may also be affected. Users are recommended to...