ELSA-2025-14179

Опубликовано: 22 авг. 2025

Источник: oracle-oval

Платформа: Oracle Linux 10

Описание

ELSA-2025-14179: tomcat security update (IMPORTANT)

[1:10.1.36-1.2]

tomcat: Apache Tomcat DoS in multipart upload (CVE-2025-48988)
tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources (CVE-2025-49125)
apache-commons-fileupload: Apache Commons FileUpload DoS via part headers (CVE-2025-48976)
tomcat: http/2 'MadeYouReset' DoS attack through HTTP/2 control frames (CVE-2025-48989)
tomcat: Apache Tomcat denial of service (CVE-2025-52520)
tomcat: Apache Tomcat denial of service (CVE-2025-53506)

Обновленные пакеты

Oracle Linux 10

Oracle Linux aarch64

tomcat

10.1.36-1.el10_0.2

tomcat-admin-webapps

10.1.36-1.el10_0.2

tomcat-docs-webapp

10.1.36-1.el10_0.2

tomcat-el-5.0-api

10.1.36-1.el10_0.2

tomcat-jsp-3.1-api

10.1.36-1.el10_0.2

tomcat-lib

10.1.36-1.el10_0.2

tomcat-servlet-6.0-api

10.1.36-1.el10_0.2

tomcat-webapps

10.1.36-1.el10_0.2

Oracle Linux x86_64

tomcat

10.1.36-1.el10_0.2

tomcat-admin-webapps

10.1.36-1.el10_0.2

tomcat-docs-webapp

10.1.36-1.el10_0.2

tomcat-el-5.0-api

10.1.36-1.el10_0.2

tomcat-jsp-3.1-api

10.1.36-1.el10_0.2

tomcat-lib

10.1.36-1.el10_0.2

tomcat-servlet-6.0-api

10.1.36-1.el10_0.2

tomcat-webapps

10.1.36-1.el10_0.2

Связанные CVE

Ссылки на источники

Связанные уязвимости

ELSA-2025-14181

oracle-oval

12 дней назад

ELSA-2025-14181: tomcat security update (IMPORTANT)

ELSA-2025-14178

oracle-oval

11 дней назад

ELSA-2025-14178: tomcat9 security update (IMPORTANT)

ELSA-2025-14177

oracle-oval

12 дней назад

ELSA-2025-14177: tomcat security update (IMPORTANT)

SUSE-SU-2025:03024-1

suse-cvrf

3 дня назад

Security update for tomcat

SUSE-SU-2025:02979-1

suse-cvrf

7 дней назад

Security update for tomcat11