Apache Tomcat 11.0.0-M1 < 11.0.12 Denial of Service

The version of Apache Tomcat installed on the remote host is 9.0.0-M1 prior to 9.0.110, 10.1.0-M1 prior to 10.1.47 or 11.0.0-M1 prior to 11.0.12. It is, therefore, affected by a denial of service vulnerability due to delayed cleaning of multipart upload temporary files. Note that the scanner has...

MGASA-2025-0250 Updated tomcat packages fix security vulnerabilities

Directory traversal via rewrite with possible RCE if PUT is enabled. CVE-2025-55752 Console manipulation via escape sequences in log messages. CVE-2025-55754 Delayed cleaning of multi-part upload temporary files may lead to DoS. CVE-2025-61795...

Updated tomcat packages fix security vulnerabilities

Directory traversal via rewrite with possible RCE if PUT is enabled. CVE-2025-55752 Console manipulation via escape sequences in log messages. CVE-2025-55754 Delayed cleaning of multi-part upload temporary files may lead to DoS. CVE-2025-61795...

Apache Tomcat 10.1.0.M1 < 10.1.47

The version of Tomcat installed on the remote host is prior to 10.1.47. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat10.1.47security-10 advisory. - Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred including exceedi...