Количество 12
Количество 12
BDU:2025-05707
Уязвимость сервера приложений Apache Tomcat, связанная с недостатком механизма кодирования или экранирования выходных данных, позволяющая нарушителю оказать влияние на конфиденциальность, целостность и доступность защищаемой информации
CVE-2025-31651
Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some rewrite rules. If those rewrite rules effectively enforced security constraints, those constraints could be bypassed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through 10.1.39, from 9.0.0.M1 through 9.0.102. Users are recommended to upgrade to version [FIXED_VERSION], which fixes the issue.
CVE-2025-31651
Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some rewrite rules. If those rewrite rules effectively enforced security constraints, those constraints could be bypassed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through 10.1.39, from 9.0.0.M1 through 9.0.102. Users are recommended to upgrade to version [FIXED_VERSION], which fixes the issue.
CVE-2025-31651
Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some rewrite rules. If those rewrite rules effectively enforced security constraints, those constraints could be bypassed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through 10.1.39, from 9.0.0.M1 through 9.0.102. Users are recommended to upgrade to version [FIXED_VERSION], which fixes the issue.
CVE-2025-31651
Improper Neutralization of Escape, Meta, or Control Sequences vulnerab ...
SUSE-SU-2025:01882-1
Security update for tomcat
GHSA-ff77-26x5-69cr
Apache Tomcat Rewrite rule bypass
SUSE-SU-2025:1537-1
Security update for tomcat10
SUSE-SU-2025:1521-1
Security update for tomcat
SUSE-SU-2025:01537-1
Security update for tomcat10
SUSE-SU-2025:01521-1
Security update for tomcat
ROS-20250515-10
Множественные уязвимости tomcat
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2025-05707 Уязвимость сервера приложений Apache Tomcat, связанная с недостатком механизма кодирования или экранирования выходных данных, позволяющая нарушителю оказать влияние на конфиденциальность, целостность и доступность защищаемой информации | CVSS3: 9.8 | 0% Низкий | около 2 месяцев назад |
 | CVE-2025-31651 Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some rewrite rules. If those rewrite rules effectively enforced security constraints, those constraints could be bypassed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through 10.1.39, from 9.0.0.M1 through 9.0.102. Users are recommended to upgrade to version [FIXED_VERSION], which fixes the issue. | CVSS3: 9.8 | 0% Низкий | около 2 месяцев назад |
 | CVE-2025-31651 Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some rewrite rules. If those rewrite rules effectively enforced security constraints, those constraints could be bypassed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through 10.1.39, from 9.0.0.M1 through 9.0.102. Users are recommended to upgrade to version [FIXED_VERSION], which fixes the issue. | CVSS3: 5.3 | 0% Низкий | около 2 месяцев назад |
 | CVE-2025-31651 Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some rewrite rules. If those rewrite rules effectively enforced security constraints, those constraints could be bypassed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through 10.1.39, from 9.0.0.M1 through 9.0.102. Users are recommended to upgrade to version [FIXED_VERSION], which fixes the issue. | CVSS3: 9.8 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-31651 Improper Neutralization of Escape, Meta, or Control Sequences vulnerab ... | CVSS3: 9.8 | 0% Низкий | около 2 месяцев назад |
 | SUSE-SU-2025:01882-1 Security update for tomcat | 0% Низкий | 8 дней назад | |
| GHSA-ff77-26x5-69cr Apache Tomcat Rewrite rule bypass | 0% Низкий | около 2 месяцев назад | |
| SUSE-SU-2025:1537-1 Security update for tomcat10 | около 1 месяца назад | ||
| SUSE-SU-2025:1521-1 Security update for tomcat | около 1 месяца назад | ||
| SUSE-SU-2025:01537-1 Security update for tomcat10 | 21 день назад | ||
| SUSE-SU-2025:01521-1 Security update for tomcat | 21 день назад | ||
 | ROS-20250515-10 Множественные уязвимости tomcat | CVSS3: 9.8 | около 1 месяца назад |
Уязвимостей на страницу