7 matches found
GHSA-8MC5-53M5-3QJ2 Apache Tomcat has an Improper Input Validation vulnerability
Improper Input Validation vulnerability in Apache Tomcat due to an incomplete fix of CVE-2025-66614. This issue affects Apache Tomcat: from 11.0.15 through 11.0.19, from 10.1.50 through 10.1.52, from 9.0.113 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116,...
EUVD-2026-21018
Improper Input Validation vulnerability in Apache Tomcat due to an incomplete fix of CVE-2025-66614. This issue affects Apache Tomcat: from 11.0.15 through 11.0.19, from 10.1.50 through 10.1.52, from 9.0.113 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116,...
SUSE: Security Advisory (SUSE-SU-2026:20926-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 / openSUSE 15 Security Update : tomcat (SUSE-SU-2026:0932-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0932-1 advisory. Update to Tomcat 9.0.115: - CVE-2025-66614: client certificate verification bypass due to virtual host mapping...
K000160337: Apache Tomcat vulnerabilities CVE-2026-24733, CVE-2026-24734 and CVE-2025-66614
Security Advisory Description CVE-2026-24733 Improper Input Validation vulnerability in Apache Tomcat. Tomcat did not limit HTTP/0.9 requests to the GET method. If a security constraint was configured to allow HEAD requests to a URI but deny GET requests, the user could bypass that constraint on...
CVE-2025-66614
creationtimestamp| type| source ---|---|--- 2026-02-18 07:35:39+00:00| seen| https://bsky.app/profile/shiojiri.com/post/3mf4kxjtp4c2e 2026-02-18 09:40:36+00:00| seen| https://bsky.app/profile/osanpo.bsky.social/post/3mf4rxhluqb2o 2026-03-12 17:33:55+00:00| seen|...
Linux Distros Unpatched Vulnerability : CVE-2025-66614
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through...