6 matches found
Security Bulletin: Multiple Vulnerabilities in IBM DevOps Build.
Summary Multiple vulnerabilities were addressed in IBM DevOps Build 7.1.0.2. Vulnerability Details CVEID:CVE-2025-52434 DESCRIPTION: Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Tomcat when using the APR/Native connector. This w...
Atlassian Jira Service Management Data Center and Server 5.12.0 < 5.12.26 / 5.13.x < 10.3.16 (JSDSERVER-16499)
The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16499 advisory. - Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition'...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: tomcat (UTSA-2025-986105)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986105 advisory. Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Tomcat when using the APR/Native connector. This wa...
CVE-2025-52434
Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Tomcat when using the APR/Native connector. This was particularly noticeable with client initiated closes of HTTP/2 connections. This issue affects Apache Tomcat: from 9.0.0.M1 throug...
Race Condition
Overview org.apache.tomcat.embed:tomcat-embed-core is a Core Tomcat implementation. Affected versions of this package are vulnerable to Race Condition on connection close when using the APR/Native connector. An attacker could trigger a JVM crash by rapidly opening and closing HTTP/2 connections...
CVE-2024-56337
Time-of-check Time-of-use TOCTOU Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The following versions were EOL at the time the CVE was created but are known to be...