Tomcat — контейнер сервлетов с открытым исходным кодом

Релизный цикл, информация об уязвимостях

Продукт: Tomcat

Вендор: apache

График релизов

Недавние уязвимости Tomcat

Количество 1 243

RLSA-2025:7494

30 дней назад

Moderate: tomcat9 security update

EPSS: Критический

SUSE-SU-2025:03006-1

2 месяца назад

Security update for tomcat10

EPSS: Низкий

SUSE-SU-2025:02992-1

2 месяца назад

Security update for tomcat11

EPSS: Низкий

GHSA-23hv-mwm6-g8jf

3 месяца назад

Apache Tomcat Session Fixation vulnerability

CVSS3: 6.5

EPSS: Низкий

GHSA-gqp3-2cvr-x8m3

3 месяца назад

Apache Tomcat Improper Resource Shutdown or Release vulnerability

CVSS3: 7.5

EPSS: Низкий

CVE-2025-55668

3 месяца назад

Session Fixation vulnerability in Apache Tomcat via rewrite valve. Th ...

CVSS3: 6.5

EPSS: Низкий

CVE-2025-55668

3 месяца назад

Session Fixation vulnerability in Apache Tomcat via rewrite valve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.

CVSS3: 6.5

EPSS: Низкий

CVE-2025-55668

3 месяца назад

Session Fixation vulnerability in Apache Tomcat via rewrite valve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.

CVSS3: 6.5

EPSS: Низкий

CVE-2025-55668

3 месяца назад

Session Fixation vulnerability in Apache Tomcat via rewrite valve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.

CVSS3: 6.5

EPSS: Низкий

CVE-2025-48989

3 месяца назад

Improper Resource Shutdown or Release vulnerability in Apache Tomcat m ...

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
RLSA-2025:7494 Moderate: tomcat9 security update		94% Критический	30 дней назад
SUSE-SU-2025:03006-1 Security update for tomcat10		0% Низкий	2 месяца назад
SUSE-SU-2025:02992-1 Security update for tomcat11		0% Низкий	2 месяца назад
GHSA-23hv-mwm6-g8jf Apache Tomcat Session Fixation vulnerability	CVSS3: 6.5	0% Низкий	3 месяца назад
GHSA-gqp3-2cvr-x8m3 Apache Tomcat Improper Resource Shutdown or Release vulnerability	CVSS3: 7.5	0% Низкий	3 месяца назад
CVE-2025-55668 Session Fixation vulnerability in Apache Tomcat via rewrite valve. Th ...	CVSS3: 6.5	0% Низкий	3 месяца назад
CVE-2025-55668 Session Fixation vulnerability in Apache Tomcat via rewrite valve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.	CVSS3: 6.5	0% Низкий	3 месяца назад
CVE-2025-55668 Session Fixation vulnerability in Apache Tomcat via rewrite valve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.	CVSS3: 6.5	0% Низкий	3 месяца назад
CVE-2025-55668 Session Fixation vulnerability in Apache Tomcat via rewrite valve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.	CVSS3: 6.5	0% Низкий	3 месяца назад
CVE-2025-48989 Improper Resource Shutdown or Release vulnerability in Apache Tomcat m ...	CVSS3: 7.5	0% Низкий	3 месяца назад

Уязвимостей на страницу