exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 16

BDU:2025-05708

6 месяцев назад

Уязвимость сервера приложений Apache Tomcat, связанная с неполной очисткой временных или вспомогательных ресурсов, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 7.5

EPSS: Низкий

CVE-2025-31650

6 месяцев назад

Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service. This issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.90 though 8.5.100. Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue.

CVSS3: 7.5

EPSS: Низкий

CVE-2025-31650

6 месяцев назад

CVSS3: 7.5

EPSS: Низкий

CVE-2025-31650

6 месяцев назад

CVSS3: 7.5

EPSS: Низкий

CVE-2025-31650

6 месяцев назад

Improper Input Validation vulnerability in Apache Tomcat. Incorrect er ...

CVSS3: 7.5

EPSS: Низкий

GHSA-3p2h-wqq4-wf4h

6 месяцев назад

Apache Tomcat Denial of Service via invalid HTTP priority header

EPSS: Низкий

SUSE-SU-2025:1537-1

6 месяцев назад

Security update for tomcat10

EPSS: Низкий

SUSE-SU-2025:1521-1

6 месяцев назад

Security update for tomcat

EPSS: Низкий

SUSE-SU-2025:01537-1

5 месяцев назад

Security update for tomcat10

EPSS: Низкий

SUSE-SU-2025:01521-1

5 месяцев назад

Security update for tomcat

EPSS: Низкий

ROS-20250515-10

6 месяцев назад

Множественные уязвимости tomcat

CVSS3: 9.8

EPSS: Низкий

RLSA-2025:11333

3 месяца назад

Important: tomcat security update

EPSS: Низкий

RLSA-2025:11332

около 1 месяца назад

Important: tomcat9 security update

EPSS: Низкий

ELSA-2025-11335

4 месяца назад

ELSA-2025-11335: tomcat security update (IMPORTANT)

EPSS: Низкий

ELSA-2025-11333

4 месяца назад

ELSA-2025-11333: tomcat security update (IMPORTANT)

EPSS: Низкий

ELSA-2025-11332

4 месяца назад

ELSA-2025-11332: tomcat9 security update (IMPORTANT)

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
BDU:2025-05708 Уязвимость сервера приложений Apache Tomcat, связанная с неполной очисткой временных или вспомогательных ресурсов, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 7.5	5% Низкий	6 месяцев назад
CVE-2025-31650 Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service. This issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.90 though 8.5.100. Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue.	CVSS3: 7.5	5% Низкий	6 месяцев назад
CVE-2025-31650 Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service. This issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.90 though 8.5.100. Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue.	CVSS3: 7.5	5% Низкий	6 месяцев назад
CVE-2025-31650 Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service. This issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.90 though 8.5.100. Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue.	CVSS3: 7.5	5% Низкий	6 месяцев назад
CVE-2025-31650 Improper Input Validation vulnerability in Apache Tomcat. Incorrect er ...	CVSS3: 7.5	5% Низкий	6 месяцев назад
GHSA-3p2h-wqq4-wf4h Apache Tomcat Denial of Service via invalid HTTP priority header		5% Низкий	6 месяцев назад
SUSE-SU-2025:1537-1 Security update for tomcat10			6 месяцев назад
SUSE-SU-2025:1521-1 Security update for tomcat			6 месяцев назад
SUSE-SU-2025:01537-1 Security update for tomcat10			5 месяцев назад
SUSE-SU-2025:01521-1 Security update for tomcat			5 месяцев назад
ROS-20250515-10 Множественные уязвимости tomcat	CVSS3: 9.8		6 месяцев назад
RLSA-2025:11333 Important: tomcat security update			3 месяца назад
RLSA-2025:11332 Important: tomcat9 security update			около 1 месяца назад
ELSA-2025-11335 ELSA-2025-11335: tomcat security update (IMPORTANT)			4 месяца назад
ELSA-2025-11333 ELSA-2025-11333: tomcat security update (IMPORTANT)			4 месяца назад
ELSA-2025-11332 ELSA-2025-11332: tomcat9 security update (IMPORTANT)			4 месяца назад

Уязвимостей на страницу