Lucene search
K

7 matches found

OSV
OSV
added 2026/04/09 9:31 p.m.9 views

GHSA-8MC5-53M5-3QJ2 Apache Tomcat has an Improper Input Validation vulnerability

Improper Input Validation vulnerability in Apache Tomcat due to an incomplete fix of CVE-2025-66614. This issue affects Apache Tomcat: from 11.0.15 through 11.0.19, from 10.1.50 through 10.1.52, from 9.0.113 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116,...

6.9CVSS5.8AI score0.00307EPSS
Exploits0References10
EUVD
EUVD
added 2026/04/09 9:31 p.m.5 views

EUVD-2026-21018

Improper Input Validation vulnerability in Apache Tomcat due to an incomplete fix of CVE-2025-66614. This issue affects Apache Tomcat: from 11.0.15 through 11.0.19, from 10.1.50 through 10.1.52, from 9.0.113 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116,...

9.1CVSS6.6AI score0.00307EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/04/03 12:0 a.m.13 views

SUSE: Security Advisory (SUSE-SU-2026:20926-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.3AI score0.00498EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/03/20 12:0 a.m.3 views

SUSE SLES15 / openSUSE 15 Security Update : tomcat (SUSE-SU-2026:0932-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0932-1 advisory. Update to Tomcat 9.0.115: - CVE-2025-66614: client certificate verification bypass due to virtual host mapping...

9.1CVSS7AI score0.00498EPSS
Exploits0References10
F5 Networks
F5 Networks
added 2026/03/13 4:52 a.m.15 views

K000160337: Apache Tomcat vulnerabilities CVE-2026-24733, CVE-2026-24734 and CVE-2025-66614

Security Advisory Description CVE-2026-24733 Improper Input Validation vulnerability in Apache Tomcat. Tomcat did not limit HTTP/0.9 requests to the GET method. If a security constraint was configured to allow HEAD requests to a URI but deny GET requests, the user could bypass that constraint on...

9.1CVSS7.5AI score0.00498EPSS
Exploits0
Circl
Circl
added 2026/02/18 7:35 a.m.4 views

CVE-2025-66614

creationtimestamp| type| source ---|---|--- 2026-02-18 07:35:39+00:00| seen| https://bsky.app/profile/shiojiri.com/post/3mf4kxjtp4c2e 2026-02-18 09:40:36+00:00| seen| https://bsky.app/profile/osanpo.bsky.social/post/3mf4rxhluqb2o 2026-03-12 17:33:55+00:00| seen|...

9.1CVSS6.7AI score0.00235EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/02/18 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-66614

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through...

9.1CVSS6.7AI score0.00235EPSS
Exploits0References3
Rows per page
Query Builder