Count: 12
| Vulnerability | CVSS | EPSS | Published |
|---|---|---|---|
| BDU:2025-09498 Vulnerability in the pathInfo URI component of the Apache Tomcat application server that allows an attacker to bypass existing security restrictions | CVSS3: 7.3 | 0% Low | 5 months ago |
| ROS-20250911-06 tomcat11 vulnerability | CVSS3: 7.3 | 0% Low | about 2 months ago |
| ROS-20250911-05 tomcat10 vulnerability | CVSS3: 7.3 | 0% Low | about 2 months ago |
| ROS-20250911-04 tomcat vulnerability | CVSS3: 7.3 | 0% Low | about 2 months ago |
| CVE-2025-46701 Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's CGI servlet allows bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.6, from 10.1.0-M1 through 10.1.40, from 9.0.0.M1 through 9.0.104. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.7, 10.1.41 or 9.0.105, which fixes the issue. | CVSS3: 7.3 | 0% Low | 5 months ago |
| CVE-2025-46701 Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's CGI servlet allows bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.6, from 10.1.0-M1 through 10.1.40, from 9.0.0.M1 through 9.0.104. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.7, 10.1.41 or 9.0.105, which fixes the issue. | CVSS3: 6.5 | 0% Low | 5 months ago |
| CVE-2025-46701 Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's CGI servlet allows bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.6, from 10.1.0-M1 through 10.1.40, from 9.0.0.M1 through 9.0.104. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.7, 10.1.41 or 9.0.105, which fixes the issue. | CVSS3: 7.3 | 0% Low | 5 months ago |
| CVE-2025-46701 Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's ... | CVSS3: 7.3 | 0% Low | 5 months ago |
| GHSA-h2fw-rfh5-95r3 Apache Tomcat - CGI security constraint bypass | | 0% Low | 5 months ago |
| SUSE-SU-2025:02280-1 Security update for tomcat | | | 4 months ago |
| SUSE-SU-2025:02261-1 Security update for tomcat10 | | | 4 months ago |
| SUSE-SU-2025:02214-1 Security update for tomcat | | | 4 months ago |