Apache Tomcat 11.0.0-M1 < 11.0.12 Denial of Service

The version of Apache Tomcat installed on the remote host is 9.0.0-M1 prior to 9.0.110, 10.1.0-M1 prior to 10.1.47 or 11.0.0-M1 prior to 11.0.12. It is, therefore, affected by a denial of service vulnerability due to delayed cleaning of multipart upload temporary files. Note that the scanner has...

Updated tomcat packages fix security vulnerabilities

Directory traversal via rewrite with possible RCE if PUT is enabled. CVE-2025-55752 Console manipulation via escape sequences in log messages. CVE-2025-55754 Delayed cleaning of multi-part upload temporary files may lead to DoS. CVE-2025-61795...