CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

RedHat Linux•added 2026/05/26 12:59 p.m.•10 views

Apache Tomcat: Apache Tomcat: Open Redirect vulnerability via LoadBalancerDrainingValve

A flaw was found in Apache Tomcat. This open redirect vulnerability allows an attacker to redirect a user to an untrusted site. This occurs through the LoadBalancerDrainingValve, which can be exploited to manipulate URL redirection. The primary impact is that users may be unknowingly directed to...

6.1CVSS6.3AI score0.00526EPSS

Exploits0References5

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux – Vulnerability in Tomcat9

Occasional URL redirection to untrusted sites is a vulnerability in Apache Tomcat, caused by the LoadBalancerDrainingValve. This issue affects Apache Tomcat versions as follows: 11.0.0-M1 through 11.0.18, 10.1.0-M1 through 10.1.52, 9.0.0.M23 through 9.0.115, and 8.5.30 through 8.5.100. Other,...

6.1CVSS5.3AI score0.00526EPSS

Exploits0References1

SUSE CVE•added 2026/04/10 11:27 p.m.•3 views

SUSE CVE-2026-25854

Occasional URL redirection to untrusted Site 'Open Redirect' vulnerability in Apache Tomcat via the LoadBalancerDrainingValve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M1 through 10.1.52, from 9.0.0.M23 through 9.0.115, from 8.5.30 through 8.5.100. Other,...

4.8CVSS5.8AI score0.00526EPSS

Exploits0References10

OSV•added 2026/04/09 9:31 p.m.•2 views

GHSA-9M3C-QCXR-9X87 Apache Tomcat has an Open Redirect vulnerability

6.9CVSS5.8AI score0.00526EPSS

Exploits0References4

Github Security Blog•added 2026/04/09 9:31 p.m.•3 views

Apache Tomcat has an Open Redirect vulnerability

6.1CVSS5.8AI score0.00526EPSS

Exploits0References4Affected Software3

OSV•added 2026/04/09 8:16 p.m.•1 views

DEBIAN-CVE-2026-25854

6.1CVSS5.2AI score0.00526EPSS

Exploits0References1

UbuntuCve•added 2026/04/09 8:16 p.m.•3 views

CVE-2026-25854

6.1CVSS5.8AI score0.00526EPSS

Exploits0References3

Cvelist•added 2026/04/09 7:13 p.m.•27 views

CVE-2026-25854 Apache Tomcat: Occasionally open redirect

0.00526EPSS

Exploits0References1

Vulnrichment•added 2026/04/09 7:13 p.m.•2 views

CVE-2026-25854 Apache Tomcat: Occasionally open redirect

5.8AI score0.00526EPSS

Exploits0References1

ATTACKERKB•added 2026/04/09 7:13 p.m.•6 views

CVE-2026-25854

5.8AI score0.00526EPSS

Exploits0References2Affected Software1

Snyk•added 2026/04/08 9:0 p.m.•3 views

Open Redirect

Overview org.apache.tomcat:tomcat-catalina is a Tomcat Servlet Engine Core Classes and Standard implementations. Affected versions of this package are vulnerable to Open Redirect via the LoadBalancerDrainingValve.invoke function. When the LoadBalancerDrainingValve is in the disabled draining stat...

6.1CVSS5.8AI score0.00526EPSS

Exploits0References2

Snyk•added 2026/04/08 9:0 p.m.•2 views

Open Redirect

Overview org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Open Redirect via the LoadBalancerDrainingValve.invoke function. When the LoadBalancerDrainingValve is in the disabled draining state, an attacker can redirect...

6.1CVSS5.8AI score0.00526EPSS

Exploits0References2

Positive Technologies•added 2026/03/23 12:0 a.m.•4 views

PT-2026-31697

Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.18, 10.1.0-M1 through 10.1.52, 9.0.0.M23 through 9.0.115, and 8.5.30 through 8.5.100. Description An open redirect issue exists in Apache Tomcat due to a flaw in the LoadBalancerDrainingValve. This...

9.1CVSS5.8AI score0.15447EPSS

Exploits6References84

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by