Lucene search
K

44 matches found

Vulnrichment
Vulnrichment
added 2025/03/10 4:44 p.m.18 views

CVE-2025-24813 Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT

Path Equivalence: 'file.Name' Internal Dot leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through...

9.3AI score0.99945EPSS
Exploits46References1
ATTACKERKB
ATTACKERKB
added 2025/03/10 12:0 a.m.20 views

CVE-2025-24813

Path Equivalence: ‘file.Name’ Internal Dot leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through...

10CVSS9.6AI score0.99945EPSS
In wildExploits46References3
Apache Tomcat
Apache Tomcat
added 2025/02/10 12:0 a.m.28 views

Fixed in Apache Tomcat 10.1.35

Important: Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet - CVE-2025-24813 The original implementation of partial PUT used a temporary file based on the user provided file name and path with the path separator...

10CVSS9.2AI score0.99945EPSS
Exploits46Affected Software1
Apache Tomcat
Apache Tomcat
added 2025/02/10 12:0 a.m.31 views

Fixed in Apache Tomcat 9.0.99

Important: Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet - CVE-2025-24813 The original implementation of partial PUT used a temporary file based on the user provided file name and path with the path separator...

10CVSS9.2AI score0.99945EPSS
Exploits46Affected Software1
Rows per page
Query Builder