9 matches found

Apache Tomcat
added 2026/02/17 6:53 p.m., 5 views

Fixed in Apache Tomcat Native Connector 2.0.12 / 1.3.5

Moderate: Incomplete OCSP verification checks (CVE-2026-24734). When using an OCSP responder, Tomcat Native did not complete verification or freshness checks on the OCSP response, which could allow certificate revocation to be bypassed. This issue was reported to the Tomcat security team on 2 November...

7.5 CVSS, 5.4 AI score, 0.00091 EPSS
Exploits 0, Affected Software 1
CVE
added 2025/09/04 7:43 p.m., 11 views

CVE-2025-58361

CVE-2025-58361: Promptcraft Forge Studio contains an incomplete URL scheme check in its validation.ts that does not block XSS via SVG/data URLs. User-controlled URLs pass through the check and, if used in href/src, can allow script execution. Affected: Promptcraft Forge Studio (all versions) wit...

9.3 CVSS, 6.6 AI score, 0.00066 EPSS
Exploits 0, References 1
Microsoft CVE
added 2022/06/11 7:0 a.m., 1 view

libcurl would reuse a previously created connection even when a TLS or SSH related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However several TLS and SSH settings were left out from the configuration match checks making them match too easily.

...

7.5 CVSS, 6.8 AI score, 0.00469 EPSS
Exploits 1
OSV
added 2022/06/02 2:15 p.m., 1 view

DEBIAN-CVE-2022-27782

libcurl would reuse a previously created connection even when a TLS or SSH related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, several TLS and SSH...

7.5 CVSS, 6.6 AI score, 0.00469 EPSS
Exploits 1, References 1
OSV
added 2022/06/02 2:15 p.m., 1 view

ALPINE-CVE-2022-27782

libcurl would reuse a previously created connection even when a TLS or SSH related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, several TLS and SSH...

7.5 CVSS, 6.9 AI score, 0.00469 EPSS
Exploits 1, References 1
RedHat Linux
added 2022/03/21 7:28 a.m., 3 views

OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization (Libraries, 8270392)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability...

5.3 CVSS, 7.4 AI score, 0.00096 EPSS
Exploits 0, References 4
Tenable Nessus
added 2022/01/24 12:0 a.m., 44 views

RHEL 7 : java-11-openjdk (RHSA-2022:0204)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0204 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...

5.3 CVSS, 6.5 AI score, 0.05612 EPSS
Exploits 0, References 34
NVD
added 2018/11/27 4:29 p.m., 7 views

CVE-2018-5861

In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, existing checks in place on partition size are incomplete and can lead to heap overwrite vulnerabilities while loading a secure application from the boot loader...

7.8 CVSS, 7.7 AI score, 0.00018 EPSS
Exploits 0, References 2
OSV
added 2018/07/19 7:29 p.m., 1 view

CVE-2018-9062

In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary code...

6.8 CVSS, 5.9 AI score, 0.00147 EPSS
Exploits 0, References 2