SUSE CVE-2025-55668

🗓️ 14 Aug 2025 02:53:05Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 1 Views

Tomcat session fixation flaw affects specific 11.0, 10.1, and 9.0 releases; upgrade to fixed versions.

Reporter	Title	Published	Views	Family All 83
IBM Security Bulletins	Security Bulletin: Common Vulnerabilities Addressed in Cloudera Data Platform Private Cloud Base with IBM 7.3.1	15 May 202615:09	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Apache Tomcat Server (CVE-2025-52434, CVE-2025-48989, CVE-2025-52520, CVE-2025-53506, CVE-2025-55668, CVE-2025-49125, CVE-2025-48988, CVE-2025-46701, CVE-2025-31651, CVE-2025-31650) affect Power HMC.	20 Nov 202506:10	–	ibm
IBM Security Bulletins	Security Bulletin: IBM webMethods BPM is affected by multiple vulnerabilities	12 Nov 202514:34	–	ibm
Tenable Nessus	Amazon Linux 2023 : tomcat9, tomcat9-admin-webapps, tomcat9-el-3.0-api (ALAS2023-2025-1065)	10 Jul 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : tomcat10, tomcat10-admin-webapps, tomcat10-el-5.0-api (ALAS2023-2025-1093)	4 Aug 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : tomcat, --advisory ALAS2TOMCAT9-2025-020 (ALASTOMCAT9-2025-020)	10 Jul 202500:00	–	nessus
Tenable Nessus	Debian dsa-6120 : libtomcat10-embed-java - security update	5 Feb 202600:00	–	nessus
Tenable Nessus	Debian dsa-6121 : libtomcat11-embed-java - security update	5 Feb 202600:00	–	nessus
Tenable Nessus	RHEL 10 : tomcat9 (RHSA-2026:18536)	19 May 202600:00	–	nessus
Tenable Nessus	RHEL 10 : tomcat (RHSA-2026:18537)	19 May 202600:00	–	nessus

Source	Link
suse	www.suse.com/security/cve/CVE-2025-55668
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/1248001

21 May 2026 02:34Current

7High risk

Vulners AI Score7

CVSS 3.16.5

EPSS0.00775

SSVC

Tomcat session fixation Apache Tomcat versions Affected releases Upgrade recommended