Lucene search
K

6 matches found

OSV
OSV
added 2026/06/24 1:58 p.m.7 views

ROOT-APP-MAVEN-CVE-2025-31651 CVE-2025-31651 in io.root.org.apache.tomcat:tomcat-catalina - Patched by Root

Root has patched CVE-2025-31651 in the io.root.org.apache.tomcat:tomcat-catalina package for Root:Maven. Multiple fixed versions available...

9.8CVSS6.9AI score0.0418EPSS
Exploits1
OSV
OSV
added 2025/12/02 11:7 p.m.8 views

CLSA-2025-1764716872 tomcat: Fix of CVE-2025-31651

CVE-2025-31651: fix improper neutralization of escape, meta, or control sequences...

9.8CVSS7.2AI score0.0418EPSS
Exploits1References1
Rosalinux
Rosalinux
added 2025/09/09 10:17 a.m.12 views

Advisory ROSA-SA-2025-2970

software: tomcat 9.0.37 WASP: ROSA-CHROME unaffected versions = tomcat-9.0.37-8 affected versions tomcat-9.0.37-8 CVE-ID: CVE-2025-31651 BDU-ID: 2025-05707 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the Apache Tomcat application server is related to a flaw in the output encoding or escaping...

9.8CVSS7.8AI score0.0418EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-31651

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite rule configurations, it was...

9.8CVSS7AI score0.0418EPSS
Exploits1References3
OSV
OSV
added 2025/06/24 4:0 p.m.7 views

CLSA-2025-1750780819 Fix CVE(s): CVE-2025-31651

SECURITY UPDATE: Improper Neutralization of Escape, Meta, or Control Sequences vulnerability - debian/patches/CVE-2025-31651.patch: Enforces rewrite rules to preventing bypass of security constraints in specific configurations - CVE-2025-31651...

9.8CVSS7AI score0.0418EPSS
Exploits1References1
SUSE Linux
SUSE Linux
added 2025/05/13 2:49 a.m.9 views

Security update for tomcat10

This update for tomcat10 fixes the following issues: Update to Tomcat 10.1.40 CVE-2025-31650: invalid priority field values should be ignored bsc1242008 CVE-2025-31651: Better handling of URLs with literal ';' and '?' bsc1242009 Full changelog:...

8.7CVSS6.8AI score0.66933EPSS
Exploits6References8
Rows per page
Query Builder