Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-55752 (GCVE-0-2025-55752)
Vulnerability from cvelistv5
Published
2025-10-27 17:29
Modified
2025-11-10 21:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-23 - Relative Path Traversal
Summary
Relative Path Traversal vulnerability in Apache Tomcat.
The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108.
The following versions were EOL at the time the CVE was created but are
known to be affected: 8.5.6 though 8.5.100. Other, older, EOL versions may also be affected.
Users are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.
References
| URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Tomcat |
Version: 11.0.0-M1 ≤ 11.0.10 Version: 10.1.0-M1 ≤ 10.1.44 Version: 9.0.0.M11 ≤ 9.0.108 Version: 8.5.6 ≤ 8.5.100 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-55752",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-27T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-28T03:56:05.552Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-10T21:38:09.790Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/10/27/4"
},
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2025-55752-detect-apache-tomcat-vulnerability"
},
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2025-55752-mitigate-apache-tomcat-vulnerability"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Tomcat",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "11.0.10",
"status": "affected",
"version": "11.0.0-M1",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.1.44",
"status": "affected",
"version": "10.1.0-M1",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.0.108",
"status": "affected",
"version": "9.0.0.M11",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.5.100",
"status": "affected",
"version": "8.5.6",
"versionType": "semver"
},
{
"lessThan": "8.5.0",
"status": "unknown",
"version": "3",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.0.27",
"status": "unknown",
"version": "10.0.0-M1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Chumy Tsai (github.com/Jimmy01240397) @ CyCraft Technology Intern"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eRelative Path Traversal vulnerability in Apache Tomcat.\u003c/p\u003e\u003cdiv\u003e\u003cp\u003eThe fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI.\u003c/p\u003e\u003c/div\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108.\u003c/p\u003eThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.6 though 8.5.100. Other, older, EOL versions may also be affected.\u003cbr\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.\u003c/p\u003e"
}
],
"value": "Relative Path Traversal vulnerability in Apache Tomcat.\n\nThe fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.6 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23 Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T11:38:56.846Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache Tomcat: Directory traversal via rewrite with possible RCE if PUT is enabled",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2025-55752",
"datePublished": "2025-10-27T17:29:56.060Z",
"dateReserved": "2025-08-15T08:14:18.969Z",
"dateUpdated": "2025-11-10T21:38:09.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-55752\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2025-10-27T18:15:42.283\",\"lastModified\":\"2025-11-14T17:44:41.047\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Relative Path Traversal vulnerability in Apache Tomcat.\\n\\nThe fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI.\\n\\n\\n\\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108.\\n\\nThe following versions were EOL at the time the CVE was created but are \\nknown to be affected: 8.5.6 though 8.5.100. Other, older, EOL versions may also be affected.\\nUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-23\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.5.6\",\"versionEndIncluding\":\"8.5.100\",\"matchCriteriaId\":\"FE87467F-4329-41D6-B68F-EBF2881F7B70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.1\",\"versionEndExcluding\":\"9.0.109\",\"matchCriteriaId\":\"5A5E503E-C3EC-4094-98E8-2CD3256D027E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.0.27\",\"matchCriteriaId\":\"B30CA0D9-834D-4044-B03B-7E6E60A4B0E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.1.0\",\"versionEndExcluding\":\"10.1.45\",\"matchCriteriaId\":\"27F4F718-AE8D-417A-BEE4-780FD77625D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndExcluding\":\"11.0.11\",\"matchCriteriaId\":\"FC2A3FE1-BC50-419D-AEFA-097C58A3F243\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"67BBBD83-E232-4198-9748-C512D9E0EEDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B6787B6-54A8-475E-BA1C-AB99334B2535\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*\",\"matchCriteriaId\":\"EABB6FBC-7486-44D5-A6AD-FFF1D3F677E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*\",\"matchCriteriaId\":\"E10C03BC-EE6B-45B2-83AE-9E8DFB58D7DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A6DA0BE-908C-4DA8-A191-A0113235E99A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*\",\"matchCriteriaId\":\"39029C72-28B4-46A4-BFF5-EC822CFB2A4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A2E05A3-014F-4C4D-81E5-88E725FBD6AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*\",\"matchCriteriaId\":\"166C533C-0833-41D5-99B6-17A4FAB3CAF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3768C60-21FA-4B92-B98C-C3A2602D1BC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone19:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDD510FA-A2E4-4BAF-A0DE-F4E5777E9325\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone20:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2409CC7-6A85-4A66-A457-0D62B9895DC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone21:*:*:*:*:*:*\",\"matchCriteriaId\":\"B392A7E5-4455-4B1C-8FAC-AE6DDC70689E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone22:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF411DDA-2601-449A-9046-D250419A0E1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone23:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7D8F2F4-AFE2-47EA-A3FD-79B54324DE02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone24:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B4FBF97-DE16-4E5E-BE19-471E01818D40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone25:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B266B1E-24B5-47EE-A421-E0E3CC0C7471\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone26:*:*:*:*:*:*\",\"matchCriteriaId\":\"29614C3A-6FB3-41C7-B56E-9CC3F45B04F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone27:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6AB156C-8FF6-4727-AF75-590D0DCB3F9D\"}]}]}],\"references\":[{\"url\":\"https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog\",\"source\":\"security@apache.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/10/27/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/cve-2025-55752-detect-apache-tomcat-vulnerability\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/cve-2025-55752-mitigate-apache-tomcat-vulnerability\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2025/10/27/4\"}, {\"url\": \"https://www.vicarius.io/vsociety/posts/cve-2025-55752-detect-apache-tomcat-vulnerability\"}, {\"url\": \"https://www.vicarius.io/vsociety/posts/cve-2025-55752-mitigate-apache-tomcat-vulnerability\"}], \"x_generator\": {\"engine\": \"ADPogram 0.0.1\"}, \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-10T21:38:09.790Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-55752\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-27T17:49:31.254168Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-27T17:49:42.049Z\"}}], \"cna\": {\"title\": \"Apache Tomcat: Directory traversal via rewrite with possible RCE if PUT is enabled\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Chumy Tsai (github.com/Jimmy01240397) @ CyCraft Technology Intern\"}], \"metrics\": [{\"other\": {\"type\": \"Textual description of severity\", \"content\": {\"text\": \"important\"}}}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Tomcat\", \"versions\": [{\"status\": \"affected\", \"version\": \"11.0.0-M1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"11.0.10\"}, {\"status\": \"affected\", \"version\": \"10.1.0-M1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"10.1.44\"}, {\"status\": \"affected\", \"version\": \"9.0.0.M11\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"9.0.108\"}, {\"status\": \"affected\", \"version\": \"8.5.6\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"8.5.100\"}, {\"status\": \"unknown\", \"version\": \"3\", \"lessThan\": \"8.5.0\", \"versionType\": \"semver\"}, {\"status\": \"unknown\", \"version\": \"10.0.0-M1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"10.0.27\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Relative Path Traversal vulnerability in Apache Tomcat.\\n\\nThe fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI.\\n\\n\\n\\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108.\\n\\nThe following versions were EOL at the time the CVE was created but are \\nknown to be affected: 8.5.6 though 8.5.100. Other, older, EOL versions may also be affected.\\nUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eRelative Path Traversal vulnerability in Apache Tomcat.\u003c/p\u003e\u003cdiv\u003e\u003cp\u003eThe fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI.\u003c/p\u003e\u003c/div\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108.\u003c/p\u003eThe following versions were EOL at the time the CVE was created but are \\nknown to be affected: 8.5.6 though 8.5.100. Other, older, EOL versions may also be affected.\u003cbr\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-23\", \"description\": \"CWE-23 Relative Path Traversal\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2025-10-29T11:38:56.846Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-55752\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-10T21:38:09.790Z\", \"dateReserved\": \"2025-08-15T08:14:18.969Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2025-10-27T17:29:56.060Z\", \"assignerShortName\": \"apache\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
ghsa-wmwf-9ccg-fff5
Vulnerability from github
Published
2025-10-27 18:31
Modified
2025-11-20 21:49
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.7 (High) - CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
7.7 (High) - CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
VLAI Severity ?
Summary
Apache Tomcat Vulnerable to Relative Path Traversal
Details
The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108.
The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.6 though 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat"
},
"ranges": [
{
"events": [
{
"introduced": "11.0.0-M1"
},
{
"fixed": "11.0.11"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat"
},
"ranges": [
{
"events": [
{
"introduced": "10.1.0-M1"
},
{
"fixed": "10.1.45"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat"
},
"ranges": [
{
"events": [
{
"introduced": "9.0.0-M11"
},
{
"fixed": "9.0.109"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat"
},
"ranges": [
{
"events": [
{
"introduced": "8.5.6"
},
{
"last_affected": "8.5.100"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat-catalina"
},
"ranges": [
{
"events": [
{
"introduced": "11.0.0-M1"
},
{
"fixed": "11.0.11"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat-catalina"
},
"ranges": [
{
"events": [
{
"introduced": "10.1.0-M1"
},
{
"fixed": "10.1.45"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat-catalina"
},
"ranges": [
{
"events": [
{
"introduced": "9.0.0-M11"
},
{
"fixed": "9.0.109"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat:tomcat-catalina"
},
"ranges": [
{
"events": [
{
"introduced": "8.5.6"
},
{
"last_affected": "8.5.100"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat.embed:tomcat-embed-core"
},
"ranges": [
{
"events": [
{
"introduced": "11.0.0-M1"
},
{
"fixed": "11.0.11"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat.embed:tomcat-embed-core"
},
"ranges": [
{
"events": [
{
"introduced": "10.1.0-M1"
},
{
"fixed": "10.1.45"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat.embed:tomcat-embed-core"
},
"ranges": [
{
"events": [
{
"introduced": "9.0.0-M11"
},
{
"fixed": "9.0.109"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tomcat.embed:tomcat-embed-core"
},
"ranges": [
{
"events": [
{
"introduced": "8.5.6"
},
{
"last_affected": "8.5.100"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-55752"
],
"database_specific": {
"cwe_ids": [
"CWE-23"
],
"github_reviewed": true,
"github_reviewed_at": "2025-10-28T17:55:41Z",
"nvd_published_at": "2025-10-27T18:15:42Z",
"severity": "HIGH"
},
"details": "The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108.\n\nThe following versions were EOL at the time the CVE was created but are known to be affected: 8.5.6 though 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.",
"id": "GHSA-wmwf-9ccg-fff5",
"modified": "2025-11-20T21:49:15Z",
"published": "2025-10-27T18:31:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55752"
},
{
"type": "WEB",
"url": "https://github.com/apache/tomcat/commit/130d36d8492ef9e4eb22952c17c92423cb35fd06"
},
{
"type": "WEB",
"url": "https://github.com/apache/tomcat/commit/b5042622b8b78340ae65403c55dcb9c7416924df"
},
{
"type": "WEB",
"url": "https://github.com/apache/tomcat/commit/fec06c610ed7466b401e29cc567a58aee5ed826a"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/tomcat"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog"
},
{
"type": "WEB",
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.45"
},
{
"type": "WEB",
"url": "https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.11"
},
{
"type": "WEB",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.109"
},
{
"type": "WEB",
"url": "https://www.vicarius.io/vsociety/posts/cve-2025-55752-detect-apache-tomcat-vulnerability"
},
{
"type": "WEB",
"url": "https://www.vicarius.io/vsociety/posts/cve-2025-55752-mitigate-apache-tomcat-vulnerability"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/10/27/4"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Apache Tomcat Vulnerable to Relative Path Traversal"
}
opensuse-su-2025:15716-1
Vulnerability from csaf_opensuse
Published
2025-11-07 00:00
Modified
2025-11-07 00:00
Summary
tomcat-9.0.111-1.1 on GA media
Notes
Title of the patch
tomcat-9.0.111-1.1 on GA media
Description of the patch
These are all security issues fixed in the tomcat-9.0.111-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15716
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "tomcat-9.0.111-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the tomcat-9.0.111-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15716",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15716-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-55752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-55752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-55754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-55754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61795 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61795/"
}
],
"title": "tomcat-9.0.111-1.1 on GA media",
"tracking": {
"current_release_date": "2025-11-07T00:00:00Z",
"generator": {
"date": "2025-11-07T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15716-1",
"initial_release_date": "2025-11-07T00:00:00Z",
"revision_history": [
{
"date": "2025-11-07T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "tomcat-9.0.111-1.1.aarch64",
"product": {
"name": "tomcat-9.0.111-1.1.aarch64",
"product_id": "tomcat-9.0.111-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat-admin-webapps-9.0.111-1.1.aarch64",
"product": {
"name": "tomcat-admin-webapps-9.0.111-1.1.aarch64",
"product_id": "tomcat-admin-webapps-9.0.111-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat-docs-webapp-9.0.111-1.1.aarch64",
"product": {
"name": "tomcat-docs-webapp-9.0.111-1.1.aarch64",
"product_id": "tomcat-docs-webapp-9.0.111-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat-el-3_0-api-9.0.111-1.1.aarch64",
"product": {
"name": "tomcat-el-3_0-api-9.0.111-1.1.aarch64",
"product_id": "tomcat-el-3_0-api-9.0.111-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat-embed-9.0.111-1.1.aarch64",
"product": {
"name": "tomcat-embed-9.0.111-1.1.aarch64",
"product_id": "tomcat-embed-9.0.111-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat-javadoc-9.0.111-1.1.aarch64",
"product": {
"name": "tomcat-javadoc-9.0.111-1.1.aarch64",
"product_id": "tomcat-javadoc-9.0.111-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat-jsp-2_3-api-9.0.111-1.1.aarch64",
"product": {
"name": "tomcat-jsp-2_3-api-9.0.111-1.1.aarch64",
"product_id": "tomcat-jsp-2_3-api-9.0.111-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat-jsvc-9.0.111-1.1.aarch64",
"product": {
"name": "tomcat-jsvc-9.0.111-1.1.aarch64",
"product_id": "tomcat-jsvc-9.0.111-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat-lib-9.0.111-1.1.aarch64",
"product": {
"name": "tomcat-lib-9.0.111-1.1.aarch64",
"product_id": "tomcat-lib-9.0.111-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat-servlet-4_0-api-9.0.111-1.1.aarch64",
"product": {
"name": "tomcat-servlet-4_0-api-9.0.111-1.1.aarch64",
"product_id": "tomcat-servlet-4_0-api-9.0.111-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat-webapps-9.0.111-1.1.aarch64",
"product": {
"name": "tomcat-webapps-9.0.111-1.1.aarch64",
"product_id": "tomcat-webapps-9.0.111-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-9.0.111-1.1.ppc64le",
"product": {
"name": "tomcat-9.0.111-1.1.ppc64le",
"product_id": "tomcat-9.0.111-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat-admin-webapps-9.0.111-1.1.ppc64le",
"product": {
"name": "tomcat-admin-webapps-9.0.111-1.1.ppc64le",
"product_id": "tomcat-admin-webapps-9.0.111-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat-docs-webapp-9.0.111-1.1.ppc64le",
"product": {
"name": "tomcat-docs-webapp-9.0.111-1.1.ppc64le",
"product_id": "tomcat-docs-webapp-9.0.111-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat-el-3_0-api-9.0.111-1.1.ppc64le",
"product": {
"name": "tomcat-el-3_0-api-9.0.111-1.1.ppc64le",
"product_id": "tomcat-el-3_0-api-9.0.111-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat-embed-9.0.111-1.1.ppc64le",
"product": {
"name": "tomcat-embed-9.0.111-1.1.ppc64le",
"product_id": "tomcat-embed-9.0.111-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat-javadoc-9.0.111-1.1.ppc64le",
"product": {
"name": "tomcat-javadoc-9.0.111-1.1.ppc64le",
"product_id": "tomcat-javadoc-9.0.111-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat-jsp-2_3-api-9.0.111-1.1.ppc64le",
"product": {
"name": "tomcat-jsp-2_3-api-9.0.111-1.1.ppc64le",
"product_id": "tomcat-jsp-2_3-api-9.0.111-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat-jsvc-9.0.111-1.1.ppc64le",
"product": {
"name": "tomcat-jsvc-9.0.111-1.1.ppc64le",
"product_id": "tomcat-jsvc-9.0.111-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat-lib-9.0.111-1.1.ppc64le",
"product": {
"name": "tomcat-lib-9.0.111-1.1.ppc64le",
"product_id": "tomcat-lib-9.0.111-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat-servlet-4_0-api-9.0.111-1.1.ppc64le",
"product": {
"name": "tomcat-servlet-4_0-api-9.0.111-1.1.ppc64le",
"product_id": "tomcat-servlet-4_0-api-9.0.111-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat-webapps-9.0.111-1.1.ppc64le",
"product": {
"name": "tomcat-webapps-9.0.111-1.1.ppc64le",
"product_id": "tomcat-webapps-9.0.111-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-9.0.111-1.1.s390x",
"product": {
"name": "tomcat-9.0.111-1.1.s390x",
"product_id": "tomcat-9.0.111-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat-admin-webapps-9.0.111-1.1.s390x",
"product": {
"name": "tomcat-admin-webapps-9.0.111-1.1.s390x",
"product_id": "tomcat-admin-webapps-9.0.111-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat-docs-webapp-9.0.111-1.1.s390x",
"product": {
"name": "tomcat-docs-webapp-9.0.111-1.1.s390x",
"product_id": "tomcat-docs-webapp-9.0.111-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat-el-3_0-api-9.0.111-1.1.s390x",
"product": {
"name": "tomcat-el-3_0-api-9.0.111-1.1.s390x",
"product_id": "tomcat-el-3_0-api-9.0.111-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat-embed-9.0.111-1.1.s390x",
"product": {
"name": "tomcat-embed-9.0.111-1.1.s390x",
"product_id": "tomcat-embed-9.0.111-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat-javadoc-9.0.111-1.1.s390x",
"product": {
"name": "tomcat-javadoc-9.0.111-1.1.s390x",
"product_id": "tomcat-javadoc-9.0.111-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat-jsp-2_3-api-9.0.111-1.1.s390x",
"product": {
"name": "tomcat-jsp-2_3-api-9.0.111-1.1.s390x",
"product_id": "tomcat-jsp-2_3-api-9.0.111-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat-jsvc-9.0.111-1.1.s390x",
"product": {
"name": "tomcat-jsvc-9.0.111-1.1.s390x",
"product_id": "tomcat-jsvc-9.0.111-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat-lib-9.0.111-1.1.s390x",
"product": {
"name": "tomcat-lib-9.0.111-1.1.s390x",
"product_id": "tomcat-lib-9.0.111-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat-servlet-4_0-api-9.0.111-1.1.s390x",
"product": {
"name": "tomcat-servlet-4_0-api-9.0.111-1.1.s390x",
"product_id": "tomcat-servlet-4_0-api-9.0.111-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat-webapps-9.0.111-1.1.s390x",
"product": {
"name": "tomcat-webapps-9.0.111-1.1.s390x",
"product_id": "tomcat-webapps-9.0.111-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat-9.0.111-1.1.x86_64",
"product": {
"name": "tomcat-9.0.111-1.1.x86_64",
"product_id": "tomcat-9.0.111-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat-admin-webapps-9.0.111-1.1.x86_64",
"product": {
"name": "tomcat-admin-webapps-9.0.111-1.1.x86_64",
"product_id": "tomcat-admin-webapps-9.0.111-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat-docs-webapp-9.0.111-1.1.x86_64",
"product": {
"name": "tomcat-docs-webapp-9.0.111-1.1.x86_64",
"product_id": "tomcat-docs-webapp-9.0.111-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat-el-3_0-api-9.0.111-1.1.x86_64",
"product": {
"name": "tomcat-el-3_0-api-9.0.111-1.1.x86_64",
"product_id": "tomcat-el-3_0-api-9.0.111-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat-embed-9.0.111-1.1.x86_64",
"product": {
"name": "tomcat-embed-9.0.111-1.1.x86_64",
"product_id": "tomcat-embed-9.0.111-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat-javadoc-9.0.111-1.1.x86_64",
"product": {
"name": "tomcat-javadoc-9.0.111-1.1.x86_64",
"product_id": "tomcat-javadoc-9.0.111-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat-jsp-2_3-api-9.0.111-1.1.x86_64",
"product": {
"name": "tomcat-jsp-2_3-api-9.0.111-1.1.x86_64",
"product_id": "tomcat-jsp-2_3-api-9.0.111-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat-jsvc-9.0.111-1.1.x86_64",
"product": {
"name": "tomcat-jsvc-9.0.111-1.1.x86_64",
"product_id": "tomcat-jsvc-9.0.111-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat-lib-9.0.111-1.1.x86_64",
"product": {
"name": "tomcat-lib-9.0.111-1.1.x86_64",
"product_id": "tomcat-lib-9.0.111-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat-servlet-4_0-api-9.0.111-1.1.x86_64",
"product": {
"name": "tomcat-servlet-4_0-api-9.0.111-1.1.x86_64",
"product_id": "tomcat-servlet-4_0-api-9.0.111-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat-webapps-9.0.111-1.1.x86_64",
"product": {
"name": "tomcat-webapps-9.0.111-1.1.x86_64",
"product_id": "tomcat-webapps-9.0.111-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-9.0.111-1.1.aarch64"
},
"product_reference": "tomcat-9.0.111-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-9.0.111-1.1.ppc64le"
},
"product_reference": "tomcat-9.0.111-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-9.0.111-1.1.s390x"
},
"product_reference": "tomcat-9.0.111-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-9.0.111-1.1.x86_64"
},
"product_reference": "tomcat-9.0.111-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.aarch64"
},
"product_reference": "tomcat-admin-webapps-9.0.111-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.ppc64le"
},
"product_reference": "tomcat-admin-webapps-9.0.111-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.s390x"
},
"product_reference": "tomcat-admin-webapps-9.0.111-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.x86_64"
},
"product_reference": "tomcat-admin-webapps-9.0.111-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-9.0.111-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.aarch64"
},
"product_reference": "tomcat-docs-webapp-9.0.111-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-9.0.111-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.ppc64le"
},
"product_reference": "tomcat-docs-webapp-9.0.111-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-9.0.111-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.s390x"
},
"product_reference": "tomcat-docs-webapp-9.0.111-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-9.0.111-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.x86_64"
},
"product_reference": "tomcat-docs-webapp-9.0.111-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.aarch64"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.ppc64le"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.s390x"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.x86_64"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-embed-9.0.111-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.aarch64"
},
"product_reference": "tomcat-embed-9.0.111-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-embed-9.0.111-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.ppc64le"
},
"product_reference": "tomcat-embed-9.0.111-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-embed-9.0.111-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.s390x"
},
"product_reference": "tomcat-embed-9.0.111-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-embed-9.0.111-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.x86_64"
},
"product_reference": "tomcat-embed-9.0.111-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-9.0.111-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.aarch64"
},
"product_reference": "tomcat-javadoc-9.0.111-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-9.0.111-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.ppc64le"
},
"product_reference": "tomcat-javadoc-9.0.111-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-9.0.111-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.s390x"
},
"product_reference": "tomcat-javadoc-9.0.111-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-9.0.111-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.x86_64"
},
"product_reference": "tomcat-javadoc-9.0.111-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.aarch64"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.ppc64le"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.s390x"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.x86_64"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-9.0.111-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.aarch64"
},
"product_reference": "tomcat-jsvc-9.0.111-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-9.0.111-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.ppc64le"
},
"product_reference": "tomcat-jsvc-9.0.111-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-9.0.111-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.s390x"
},
"product_reference": "tomcat-jsvc-9.0.111-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-9.0.111-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.x86_64"
},
"product_reference": "tomcat-jsvc-9.0.111-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.aarch64"
},
"product_reference": "tomcat-lib-9.0.111-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.ppc64le"
},
"product_reference": "tomcat-lib-9.0.111-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.s390x"
},
"product_reference": "tomcat-lib-9.0.111-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.x86_64"
},
"product_reference": "tomcat-lib-9.0.111-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.aarch64"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.ppc64le"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.s390x"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.x86_64"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.aarch64"
},
"product_reference": "tomcat-webapps-9.0.111-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.ppc64le"
},
"product_reference": "tomcat-webapps-9.0.111-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.s390x"
},
"product_reference": "tomcat-webapps-9.0.111-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.x86_64"
},
"product_reference": "tomcat-webapps-9.0.111-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-55752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-55752"
}
],
"notes": [
{
"category": "general",
"text": "Relative Path Traversal vulnerability in Apache Tomcat.\n\nThe fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.6 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-55752",
"url": "https://www.suse.com/security/cve/CVE-2025-55752"
},
{
"category": "external",
"summary": "SUSE Bug 1252753 for CVE-2025-55752",
"url": "https://bugzilla.suse.com/1252753"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-55752"
},
{
"cve": "CVE-2025-55754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-55754"
}
],
"notes": [
{
"category": "general",
"text": "Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat.\n\nTomcat did not escape ANSI escape sequences in log messages. If Tomcat was running in a console on a Windows operating system, and the console supported ANSI escape sequences, it was possible for an attacker to use a specially crafted URL to inject ANSI escape sequences to manipulate the console and the clipboard and attempt to trick an administrator into running an attacker controlled command. While no attack vector was found, it may have been possible to mount this attack on other operating systems.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.40 through 9.0.108.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.60 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-55754",
"url": "https://www.suse.com/security/cve/CVE-2025-55754"
},
{
"category": "external",
"summary": "SUSE Bug 1252905 for CVE-2025-55754",
"url": "https://bugzilla.suse.com/1252905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-55754"
},
{
"cve": "CVE-2025-61795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61795"
}
],
"notes": [
{
"category": "general",
"text": "Improper Resource Shutdown or Release vulnerability in Apache Tomcat.\n\nIf an error occurred (including exceeding limits) during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage collection process to delete. Depending on JVM settings, application memory usage and application load, it was possible that space for the temporary copies of uploaded parts would be filled faster than GC cleared it, leading to a DoS.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.11, from 10.1.0-M1 through 10.1.46, from 9.0.0.M1 through 9.0.109.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.12 or later, 10.1.47 or later or 9.0.110 or later which fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61795",
"url": "https://www.suse.com/security/cve/CVE-2025-61795"
},
{
"category": "external",
"summary": "SUSE Bug 1252756 for CVE-2025-61795",
"url": "https://bugzilla.suse.com/1252756"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-admin-webapps-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-docs-webapp-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-embed-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-javadoc-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-jsvc-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-lib-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.111-1.1.x86_64",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.aarch64",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.s390x",
"openSUSE Tumbleweed:tomcat-webapps-9.0.111-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-61795"
}
]
}
opensuse-su-2025:15717-1
Vulnerability from csaf_opensuse
Published
2025-11-07 00:00
Modified
2025-11-07 00:00
Summary
tomcat10-10.1.48-1.1 on GA media
Notes
Title of the patch
tomcat10-10.1.48-1.1 on GA media
Description of the patch
These are all security issues fixed in the tomcat10-10.1.48-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15717
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "tomcat10-10.1.48-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the tomcat10-10.1.48-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15717",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15717-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-55752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-55752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-55754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-55754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61795 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61795/"
}
],
"title": "tomcat10-10.1.48-1.1 on GA media",
"tracking": {
"current_release_date": "2025-11-07T00:00:00Z",
"generator": {
"date": "2025-11-07T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15717-1",
"initial_release_date": "2025-11-07T00:00:00Z",
"revision_history": [
{
"date": "2025-11-07T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "tomcat10-10.1.48-1.1.aarch64",
"product": {
"name": "tomcat10-10.1.48-1.1.aarch64",
"product_id": "tomcat10-10.1.48-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat10-admin-webapps-10.1.48-1.1.aarch64",
"product": {
"name": "tomcat10-admin-webapps-10.1.48-1.1.aarch64",
"product_id": "tomcat10-admin-webapps-10.1.48-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat10-doc-10.1.48-1.1.aarch64",
"product": {
"name": "tomcat10-doc-10.1.48-1.1.aarch64",
"product_id": "tomcat10-doc-10.1.48-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat10-docs-webapp-10.1.48-1.1.aarch64",
"product": {
"name": "tomcat10-docs-webapp-10.1.48-1.1.aarch64",
"product_id": "tomcat10-docs-webapp-10.1.48-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat10-el-5_0-api-10.1.48-1.1.aarch64",
"product": {
"name": "tomcat10-el-5_0-api-10.1.48-1.1.aarch64",
"product_id": "tomcat10-el-5_0-api-10.1.48-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat10-embed-10.1.48-1.1.aarch64",
"product": {
"name": "tomcat10-embed-10.1.48-1.1.aarch64",
"product_id": "tomcat10-embed-10.1.48-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat10-jsp-3_1-api-10.1.48-1.1.aarch64",
"product": {
"name": "tomcat10-jsp-3_1-api-10.1.48-1.1.aarch64",
"product_id": "tomcat10-jsp-3_1-api-10.1.48-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat10-jsvc-10.1.48-1.1.aarch64",
"product": {
"name": "tomcat10-jsvc-10.1.48-1.1.aarch64",
"product_id": "tomcat10-jsvc-10.1.48-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat10-lib-10.1.48-1.1.aarch64",
"product": {
"name": "tomcat10-lib-10.1.48-1.1.aarch64",
"product_id": "tomcat10-lib-10.1.48-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat10-servlet-6_0-api-10.1.48-1.1.aarch64",
"product": {
"name": "tomcat10-servlet-6_0-api-10.1.48-1.1.aarch64",
"product_id": "tomcat10-servlet-6_0-api-10.1.48-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat10-webapps-10.1.48-1.1.aarch64",
"product": {
"name": "tomcat10-webapps-10.1.48-1.1.aarch64",
"product_id": "tomcat10-webapps-10.1.48-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat10-10.1.48-1.1.ppc64le",
"product": {
"name": "tomcat10-10.1.48-1.1.ppc64le",
"product_id": "tomcat10-10.1.48-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat10-admin-webapps-10.1.48-1.1.ppc64le",
"product": {
"name": "tomcat10-admin-webapps-10.1.48-1.1.ppc64le",
"product_id": "tomcat10-admin-webapps-10.1.48-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat10-doc-10.1.48-1.1.ppc64le",
"product": {
"name": "tomcat10-doc-10.1.48-1.1.ppc64le",
"product_id": "tomcat10-doc-10.1.48-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat10-docs-webapp-10.1.48-1.1.ppc64le",
"product": {
"name": "tomcat10-docs-webapp-10.1.48-1.1.ppc64le",
"product_id": "tomcat10-docs-webapp-10.1.48-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat10-el-5_0-api-10.1.48-1.1.ppc64le",
"product": {
"name": "tomcat10-el-5_0-api-10.1.48-1.1.ppc64le",
"product_id": "tomcat10-el-5_0-api-10.1.48-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat10-embed-10.1.48-1.1.ppc64le",
"product": {
"name": "tomcat10-embed-10.1.48-1.1.ppc64le",
"product_id": "tomcat10-embed-10.1.48-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat10-jsp-3_1-api-10.1.48-1.1.ppc64le",
"product": {
"name": "tomcat10-jsp-3_1-api-10.1.48-1.1.ppc64le",
"product_id": "tomcat10-jsp-3_1-api-10.1.48-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat10-jsvc-10.1.48-1.1.ppc64le",
"product": {
"name": "tomcat10-jsvc-10.1.48-1.1.ppc64le",
"product_id": "tomcat10-jsvc-10.1.48-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat10-lib-10.1.48-1.1.ppc64le",
"product": {
"name": "tomcat10-lib-10.1.48-1.1.ppc64le",
"product_id": "tomcat10-lib-10.1.48-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat10-servlet-6_0-api-10.1.48-1.1.ppc64le",
"product": {
"name": "tomcat10-servlet-6_0-api-10.1.48-1.1.ppc64le",
"product_id": "tomcat10-servlet-6_0-api-10.1.48-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat10-webapps-10.1.48-1.1.ppc64le",
"product": {
"name": "tomcat10-webapps-10.1.48-1.1.ppc64le",
"product_id": "tomcat10-webapps-10.1.48-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat10-10.1.48-1.1.s390x",
"product": {
"name": "tomcat10-10.1.48-1.1.s390x",
"product_id": "tomcat10-10.1.48-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat10-admin-webapps-10.1.48-1.1.s390x",
"product": {
"name": "tomcat10-admin-webapps-10.1.48-1.1.s390x",
"product_id": "tomcat10-admin-webapps-10.1.48-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat10-doc-10.1.48-1.1.s390x",
"product": {
"name": "tomcat10-doc-10.1.48-1.1.s390x",
"product_id": "tomcat10-doc-10.1.48-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat10-docs-webapp-10.1.48-1.1.s390x",
"product": {
"name": "tomcat10-docs-webapp-10.1.48-1.1.s390x",
"product_id": "tomcat10-docs-webapp-10.1.48-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat10-el-5_0-api-10.1.48-1.1.s390x",
"product": {
"name": "tomcat10-el-5_0-api-10.1.48-1.1.s390x",
"product_id": "tomcat10-el-5_0-api-10.1.48-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat10-embed-10.1.48-1.1.s390x",
"product": {
"name": "tomcat10-embed-10.1.48-1.1.s390x",
"product_id": "tomcat10-embed-10.1.48-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat10-jsp-3_1-api-10.1.48-1.1.s390x",
"product": {
"name": "tomcat10-jsp-3_1-api-10.1.48-1.1.s390x",
"product_id": "tomcat10-jsp-3_1-api-10.1.48-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat10-jsvc-10.1.48-1.1.s390x",
"product": {
"name": "tomcat10-jsvc-10.1.48-1.1.s390x",
"product_id": "tomcat10-jsvc-10.1.48-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat10-lib-10.1.48-1.1.s390x",
"product": {
"name": "tomcat10-lib-10.1.48-1.1.s390x",
"product_id": "tomcat10-lib-10.1.48-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat10-servlet-6_0-api-10.1.48-1.1.s390x",
"product": {
"name": "tomcat10-servlet-6_0-api-10.1.48-1.1.s390x",
"product_id": "tomcat10-servlet-6_0-api-10.1.48-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat10-webapps-10.1.48-1.1.s390x",
"product": {
"name": "tomcat10-webapps-10.1.48-1.1.s390x",
"product_id": "tomcat10-webapps-10.1.48-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat10-10.1.48-1.1.x86_64",
"product": {
"name": "tomcat10-10.1.48-1.1.x86_64",
"product_id": "tomcat10-10.1.48-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat10-admin-webapps-10.1.48-1.1.x86_64",
"product": {
"name": "tomcat10-admin-webapps-10.1.48-1.1.x86_64",
"product_id": "tomcat10-admin-webapps-10.1.48-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat10-doc-10.1.48-1.1.x86_64",
"product": {
"name": "tomcat10-doc-10.1.48-1.1.x86_64",
"product_id": "tomcat10-doc-10.1.48-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat10-docs-webapp-10.1.48-1.1.x86_64",
"product": {
"name": "tomcat10-docs-webapp-10.1.48-1.1.x86_64",
"product_id": "tomcat10-docs-webapp-10.1.48-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat10-el-5_0-api-10.1.48-1.1.x86_64",
"product": {
"name": "tomcat10-el-5_0-api-10.1.48-1.1.x86_64",
"product_id": "tomcat10-el-5_0-api-10.1.48-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat10-embed-10.1.48-1.1.x86_64",
"product": {
"name": "tomcat10-embed-10.1.48-1.1.x86_64",
"product_id": "tomcat10-embed-10.1.48-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat10-jsp-3_1-api-10.1.48-1.1.x86_64",
"product": {
"name": "tomcat10-jsp-3_1-api-10.1.48-1.1.x86_64",
"product_id": "tomcat10-jsp-3_1-api-10.1.48-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat10-jsvc-10.1.48-1.1.x86_64",
"product": {
"name": "tomcat10-jsvc-10.1.48-1.1.x86_64",
"product_id": "tomcat10-jsvc-10.1.48-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat10-lib-10.1.48-1.1.x86_64",
"product": {
"name": "tomcat10-lib-10.1.48-1.1.x86_64",
"product_id": "tomcat10-lib-10.1.48-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat10-servlet-6_0-api-10.1.48-1.1.x86_64",
"product": {
"name": "tomcat10-servlet-6_0-api-10.1.48-1.1.x86_64",
"product_id": "tomcat10-servlet-6_0-api-10.1.48-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat10-webapps-10.1.48-1.1.x86_64",
"product": {
"name": "tomcat10-webapps-10.1.48-1.1.x86_64",
"product_id": "tomcat10-webapps-10.1.48-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-10.1.48-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-10.1.48-1.1.aarch64"
},
"product_reference": "tomcat10-10.1.48-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-10.1.48-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-10.1.48-1.1.ppc64le"
},
"product_reference": "tomcat10-10.1.48-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-10.1.48-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-10.1.48-1.1.s390x"
},
"product_reference": "tomcat10-10.1.48-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-10.1.48-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-10.1.48-1.1.x86_64"
},
"product_reference": "tomcat10-10.1.48-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-admin-webapps-10.1.48-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.aarch64"
},
"product_reference": "tomcat10-admin-webapps-10.1.48-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-admin-webapps-10.1.48-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.ppc64le"
},
"product_reference": "tomcat10-admin-webapps-10.1.48-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-admin-webapps-10.1.48-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.s390x"
},
"product_reference": "tomcat10-admin-webapps-10.1.48-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-admin-webapps-10.1.48-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.x86_64"
},
"product_reference": "tomcat10-admin-webapps-10.1.48-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-doc-10.1.48-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.aarch64"
},
"product_reference": "tomcat10-doc-10.1.48-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-doc-10.1.48-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.ppc64le"
},
"product_reference": "tomcat10-doc-10.1.48-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-doc-10.1.48-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.s390x"
},
"product_reference": "tomcat10-doc-10.1.48-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-doc-10.1.48-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.x86_64"
},
"product_reference": "tomcat10-doc-10.1.48-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-docs-webapp-10.1.48-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.aarch64"
},
"product_reference": "tomcat10-docs-webapp-10.1.48-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-docs-webapp-10.1.48-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.ppc64le"
},
"product_reference": "tomcat10-docs-webapp-10.1.48-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-docs-webapp-10.1.48-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.s390x"
},
"product_reference": "tomcat10-docs-webapp-10.1.48-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-docs-webapp-10.1.48-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.x86_64"
},
"product_reference": "tomcat10-docs-webapp-10.1.48-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-el-5_0-api-10.1.48-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.aarch64"
},
"product_reference": "tomcat10-el-5_0-api-10.1.48-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-el-5_0-api-10.1.48-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.ppc64le"
},
"product_reference": "tomcat10-el-5_0-api-10.1.48-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-el-5_0-api-10.1.48-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.s390x"
},
"product_reference": "tomcat10-el-5_0-api-10.1.48-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-el-5_0-api-10.1.48-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.x86_64"
},
"product_reference": "tomcat10-el-5_0-api-10.1.48-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-embed-10.1.48-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.aarch64"
},
"product_reference": "tomcat10-embed-10.1.48-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-embed-10.1.48-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.ppc64le"
},
"product_reference": "tomcat10-embed-10.1.48-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-embed-10.1.48-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.s390x"
},
"product_reference": "tomcat10-embed-10.1.48-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-embed-10.1.48-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.x86_64"
},
"product_reference": "tomcat10-embed-10.1.48-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-jsp-3_1-api-10.1.48-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.aarch64"
},
"product_reference": "tomcat10-jsp-3_1-api-10.1.48-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-jsp-3_1-api-10.1.48-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.ppc64le"
},
"product_reference": "tomcat10-jsp-3_1-api-10.1.48-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-jsp-3_1-api-10.1.48-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.s390x"
},
"product_reference": "tomcat10-jsp-3_1-api-10.1.48-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-jsp-3_1-api-10.1.48-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.x86_64"
},
"product_reference": "tomcat10-jsp-3_1-api-10.1.48-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-jsvc-10.1.48-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.aarch64"
},
"product_reference": "tomcat10-jsvc-10.1.48-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-jsvc-10.1.48-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.ppc64le"
},
"product_reference": "tomcat10-jsvc-10.1.48-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-jsvc-10.1.48-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.s390x"
},
"product_reference": "tomcat10-jsvc-10.1.48-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-jsvc-10.1.48-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.x86_64"
},
"product_reference": "tomcat10-jsvc-10.1.48-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-lib-10.1.48-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.aarch64"
},
"product_reference": "tomcat10-lib-10.1.48-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-lib-10.1.48-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.ppc64le"
},
"product_reference": "tomcat10-lib-10.1.48-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-lib-10.1.48-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.s390x"
},
"product_reference": "tomcat10-lib-10.1.48-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-lib-10.1.48-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.x86_64"
},
"product_reference": "tomcat10-lib-10.1.48-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-servlet-6_0-api-10.1.48-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.aarch64"
},
"product_reference": "tomcat10-servlet-6_0-api-10.1.48-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-servlet-6_0-api-10.1.48-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.ppc64le"
},
"product_reference": "tomcat10-servlet-6_0-api-10.1.48-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-servlet-6_0-api-10.1.48-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.s390x"
},
"product_reference": "tomcat10-servlet-6_0-api-10.1.48-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-servlet-6_0-api-10.1.48-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.x86_64"
},
"product_reference": "tomcat10-servlet-6_0-api-10.1.48-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-webapps-10.1.48-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.aarch64"
},
"product_reference": "tomcat10-webapps-10.1.48-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-webapps-10.1.48-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.ppc64le"
},
"product_reference": "tomcat10-webapps-10.1.48-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-webapps-10.1.48-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.s390x"
},
"product_reference": "tomcat10-webapps-10.1.48-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-webapps-10.1.48-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.x86_64"
},
"product_reference": "tomcat10-webapps-10.1.48-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-55752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-55752"
}
],
"notes": [
{
"category": "general",
"text": "Relative Path Traversal vulnerability in Apache Tomcat.\n\nThe fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.6 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-55752",
"url": "https://www.suse.com/security/cve/CVE-2025-55752"
},
{
"category": "external",
"summary": "SUSE Bug 1252753 for CVE-2025-55752",
"url": "https://bugzilla.suse.com/1252753"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-55752"
},
{
"cve": "CVE-2025-55754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-55754"
}
],
"notes": [
{
"category": "general",
"text": "Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat.\n\nTomcat did not escape ANSI escape sequences in log messages. If Tomcat was running in a console on a Windows operating system, and the console supported ANSI escape sequences, it was possible for an attacker to use a specially crafted URL to inject ANSI escape sequences to manipulate the console and the clipboard and attempt to trick an administrator into running an attacker controlled command. While no attack vector was found, it may have been possible to mount this attack on other operating systems.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.40 through 9.0.108.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.60 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-55754",
"url": "https://www.suse.com/security/cve/CVE-2025-55754"
},
{
"category": "external",
"summary": "SUSE Bug 1252905 for CVE-2025-55754",
"url": "https://bugzilla.suse.com/1252905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-55754"
},
{
"cve": "CVE-2025-61795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61795"
}
],
"notes": [
{
"category": "general",
"text": "Improper Resource Shutdown or Release vulnerability in Apache Tomcat.\n\nIf an error occurred (including exceeding limits) during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage collection process to delete. Depending on JVM settings, application memory usage and application load, it was possible that space for the temporary copies of uploaded parts would be filled faster than GC cleared it, leading to a DoS.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.11, from 10.1.0-M1 through 10.1.46, from 9.0.0.M1 through 9.0.109.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.12 or later, 10.1.47 or later or 9.0.110 or later which fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61795",
"url": "https://www.suse.com/security/cve/CVE-2025-61795"
},
{
"category": "external",
"summary": "SUSE Bug 1252756 for CVE-2025-61795",
"url": "https://bugzilla.suse.com/1252756"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-doc-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-embed-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-jsvc-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-lib-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.48-1.1.x86_64",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.aarch64",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.s390x",
"openSUSE Tumbleweed:tomcat10-webapps-10.1.48-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-61795"
}
]
}
opensuse-su-2025:15718-1
Vulnerability from csaf_opensuse
Published
2025-11-07 00:00
Modified
2025-11-07 00:00
Summary
tomcat11-11.0.13-1.1 on GA media
Notes
Title of the patch
tomcat11-11.0.13-1.1 on GA media
Description of the patch
These are all security issues fixed in the tomcat11-11.0.13-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15718
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "tomcat11-11.0.13-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the tomcat11-11.0.13-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15718",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15718-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-55752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-55752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-55754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-55754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61795 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61795/"
}
],
"title": "tomcat11-11.0.13-1.1 on GA media",
"tracking": {
"current_release_date": "2025-11-07T00:00:00Z",
"generator": {
"date": "2025-11-07T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15718-1",
"initial_release_date": "2025-11-07T00:00:00Z",
"revision_history": [
{
"date": "2025-11-07T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "tomcat11-11.0.13-1.1.aarch64",
"product": {
"name": "tomcat11-11.0.13-1.1.aarch64",
"product_id": "tomcat11-11.0.13-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat11-admin-webapps-11.0.13-1.1.aarch64",
"product": {
"name": "tomcat11-admin-webapps-11.0.13-1.1.aarch64",
"product_id": "tomcat11-admin-webapps-11.0.13-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat11-doc-11.0.13-1.1.aarch64",
"product": {
"name": "tomcat11-doc-11.0.13-1.1.aarch64",
"product_id": "tomcat11-doc-11.0.13-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat11-docs-webapp-11.0.13-1.1.aarch64",
"product": {
"name": "tomcat11-docs-webapp-11.0.13-1.1.aarch64",
"product_id": "tomcat11-docs-webapp-11.0.13-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat11-el-6_0-api-11.0.13-1.1.aarch64",
"product": {
"name": "tomcat11-el-6_0-api-11.0.13-1.1.aarch64",
"product_id": "tomcat11-el-6_0-api-11.0.13-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat11-embed-11.0.13-1.1.aarch64",
"product": {
"name": "tomcat11-embed-11.0.13-1.1.aarch64",
"product_id": "tomcat11-embed-11.0.13-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat11-jsp-4_0-api-11.0.13-1.1.aarch64",
"product": {
"name": "tomcat11-jsp-4_0-api-11.0.13-1.1.aarch64",
"product_id": "tomcat11-jsp-4_0-api-11.0.13-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat11-jsvc-11.0.13-1.1.aarch64",
"product": {
"name": "tomcat11-jsvc-11.0.13-1.1.aarch64",
"product_id": "tomcat11-jsvc-11.0.13-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat11-lib-11.0.13-1.1.aarch64",
"product": {
"name": "tomcat11-lib-11.0.13-1.1.aarch64",
"product_id": "tomcat11-lib-11.0.13-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat11-servlet-6_1-api-11.0.13-1.1.aarch64",
"product": {
"name": "tomcat11-servlet-6_1-api-11.0.13-1.1.aarch64",
"product_id": "tomcat11-servlet-6_1-api-11.0.13-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "tomcat11-webapps-11.0.13-1.1.aarch64",
"product": {
"name": "tomcat11-webapps-11.0.13-1.1.aarch64",
"product_id": "tomcat11-webapps-11.0.13-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat11-11.0.13-1.1.ppc64le",
"product": {
"name": "tomcat11-11.0.13-1.1.ppc64le",
"product_id": "tomcat11-11.0.13-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat11-admin-webapps-11.0.13-1.1.ppc64le",
"product": {
"name": "tomcat11-admin-webapps-11.0.13-1.1.ppc64le",
"product_id": "tomcat11-admin-webapps-11.0.13-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat11-doc-11.0.13-1.1.ppc64le",
"product": {
"name": "tomcat11-doc-11.0.13-1.1.ppc64le",
"product_id": "tomcat11-doc-11.0.13-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat11-docs-webapp-11.0.13-1.1.ppc64le",
"product": {
"name": "tomcat11-docs-webapp-11.0.13-1.1.ppc64le",
"product_id": "tomcat11-docs-webapp-11.0.13-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat11-el-6_0-api-11.0.13-1.1.ppc64le",
"product": {
"name": "tomcat11-el-6_0-api-11.0.13-1.1.ppc64le",
"product_id": "tomcat11-el-6_0-api-11.0.13-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat11-embed-11.0.13-1.1.ppc64le",
"product": {
"name": "tomcat11-embed-11.0.13-1.1.ppc64le",
"product_id": "tomcat11-embed-11.0.13-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat11-jsp-4_0-api-11.0.13-1.1.ppc64le",
"product": {
"name": "tomcat11-jsp-4_0-api-11.0.13-1.1.ppc64le",
"product_id": "tomcat11-jsp-4_0-api-11.0.13-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat11-jsvc-11.0.13-1.1.ppc64le",
"product": {
"name": "tomcat11-jsvc-11.0.13-1.1.ppc64le",
"product_id": "tomcat11-jsvc-11.0.13-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat11-lib-11.0.13-1.1.ppc64le",
"product": {
"name": "tomcat11-lib-11.0.13-1.1.ppc64le",
"product_id": "tomcat11-lib-11.0.13-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat11-servlet-6_1-api-11.0.13-1.1.ppc64le",
"product": {
"name": "tomcat11-servlet-6_1-api-11.0.13-1.1.ppc64le",
"product_id": "tomcat11-servlet-6_1-api-11.0.13-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "tomcat11-webapps-11.0.13-1.1.ppc64le",
"product": {
"name": "tomcat11-webapps-11.0.13-1.1.ppc64le",
"product_id": "tomcat11-webapps-11.0.13-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat11-11.0.13-1.1.s390x",
"product": {
"name": "tomcat11-11.0.13-1.1.s390x",
"product_id": "tomcat11-11.0.13-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat11-admin-webapps-11.0.13-1.1.s390x",
"product": {
"name": "tomcat11-admin-webapps-11.0.13-1.1.s390x",
"product_id": "tomcat11-admin-webapps-11.0.13-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat11-doc-11.0.13-1.1.s390x",
"product": {
"name": "tomcat11-doc-11.0.13-1.1.s390x",
"product_id": "tomcat11-doc-11.0.13-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat11-docs-webapp-11.0.13-1.1.s390x",
"product": {
"name": "tomcat11-docs-webapp-11.0.13-1.1.s390x",
"product_id": "tomcat11-docs-webapp-11.0.13-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat11-el-6_0-api-11.0.13-1.1.s390x",
"product": {
"name": "tomcat11-el-6_0-api-11.0.13-1.1.s390x",
"product_id": "tomcat11-el-6_0-api-11.0.13-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat11-embed-11.0.13-1.1.s390x",
"product": {
"name": "tomcat11-embed-11.0.13-1.1.s390x",
"product_id": "tomcat11-embed-11.0.13-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat11-jsp-4_0-api-11.0.13-1.1.s390x",
"product": {
"name": "tomcat11-jsp-4_0-api-11.0.13-1.1.s390x",
"product_id": "tomcat11-jsp-4_0-api-11.0.13-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat11-jsvc-11.0.13-1.1.s390x",
"product": {
"name": "tomcat11-jsvc-11.0.13-1.1.s390x",
"product_id": "tomcat11-jsvc-11.0.13-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat11-lib-11.0.13-1.1.s390x",
"product": {
"name": "tomcat11-lib-11.0.13-1.1.s390x",
"product_id": "tomcat11-lib-11.0.13-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat11-servlet-6_1-api-11.0.13-1.1.s390x",
"product": {
"name": "tomcat11-servlet-6_1-api-11.0.13-1.1.s390x",
"product_id": "tomcat11-servlet-6_1-api-11.0.13-1.1.s390x"
}
},
{
"category": "product_version",
"name": "tomcat11-webapps-11.0.13-1.1.s390x",
"product": {
"name": "tomcat11-webapps-11.0.13-1.1.s390x",
"product_id": "tomcat11-webapps-11.0.13-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat11-11.0.13-1.1.x86_64",
"product": {
"name": "tomcat11-11.0.13-1.1.x86_64",
"product_id": "tomcat11-11.0.13-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat11-admin-webapps-11.0.13-1.1.x86_64",
"product": {
"name": "tomcat11-admin-webapps-11.0.13-1.1.x86_64",
"product_id": "tomcat11-admin-webapps-11.0.13-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat11-doc-11.0.13-1.1.x86_64",
"product": {
"name": "tomcat11-doc-11.0.13-1.1.x86_64",
"product_id": "tomcat11-doc-11.0.13-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat11-docs-webapp-11.0.13-1.1.x86_64",
"product": {
"name": "tomcat11-docs-webapp-11.0.13-1.1.x86_64",
"product_id": "tomcat11-docs-webapp-11.0.13-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat11-el-6_0-api-11.0.13-1.1.x86_64",
"product": {
"name": "tomcat11-el-6_0-api-11.0.13-1.1.x86_64",
"product_id": "tomcat11-el-6_0-api-11.0.13-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat11-embed-11.0.13-1.1.x86_64",
"product": {
"name": "tomcat11-embed-11.0.13-1.1.x86_64",
"product_id": "tomcat11-embed-11.0.13-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat11-jsp-4_0-api-11.0.13-1.1.x86_64",
"product": {
"name": "tomcat11-jsp-4_0-api-11.0.13-1.1.x86_64",
"product_id": "tomcat11-jsp-4_0-api-11.0.13-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat11-jsvc-11.0.13-1.1.x86_64",
"product": {
"name": "tomcat11-jsvc-11.0.13-1.1.x86_64",
"product_id": "tomcat11-jsvc-11.0.13-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat11-lib-11.0.13-1.1.x86_64",
"product": {
"name": "tomcat11-lib-11.0.13-1.1.x86_64",
"product_id": "tomcat11-lib-11.0.13-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat11-servlet-6_1-api-11.0.13-1.1.x86_64",
"product": {
"name": "tomcat11-servlet-6_1-api-11.0.13-1.1.x86_64",
"product_id": "tomcat11-servlet-6_1-api-11.0.13-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "tomcat11-webapps-11.0.13-1.1.x86_64",
"product": {
"name": "tomcat11-webapps-11.0.13-1.1.x86_64",
"product_id": "tomcat11-webapps-11.0.13-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-11.0.13-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-11.0.13-1.1.aarch64"
},
"product_reference": "tomcat11-11.0.13-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-11.0.13-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-11.0.13-1.1.ppc64le"
},
"product_reference": "tomcat11-11.0.13-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-11.0.13-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-11.0.13-1.1.s390x"
},
"product_reference": "tomcat11-11.0.13-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-11.0.13-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-11.0.13-1.1.x86_64"
},
"product_reference": "tomcat11-11.0.13-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-admin-webapps-11.0.13-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.aarch64"
},
"product_reference": "tomcat11-admin-webapps-11.0.13-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-admin-webapps-11.0.13-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.ppc64le"
},
"product_reference": "tomcat11-admin-webapps-11.0.13-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-admin-webapps-11.0.13-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.s390x"
},
"product_reference": "tomcat11-admin-webapps-11.0.13-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-admin-webapps-11.0.13-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.x86_64"
},
"product_reference": "tomcat11-admin-webapps-11.0.13-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-doc-11.0.13-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.aarch64"
},
"product_reference": "tomcat11-doc-11.0.13-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-doc-11.0.13-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.ppc64le"
},
"product_reference": "tomcat11-doc-11.0.13-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-doc-11.0.13-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.s390x"
},
"product_reference": "tomcat11-doc-11.0.13-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-doc-11.0.13-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.x86_64"
},
"product_reference": "tomcat11-doc-11.0.13-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-docs-webapp-11.0.13-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.aarch64"
},
"product_reference": "tomcat11-docs-webapp-11.0.13-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-docs-webapp-11.0.13-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.ppc64le"
},
"product_reference": "tomcat11-docs-webapp-11.0.13-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-docs-webapp-11.0.13-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.s390x"
},
"product_reference": "tomcat11-docs-webapp-11.0.13-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-docs-webapp-11.0.13-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.x86_64"
},
"product_reference": "tomcat11-docs-webapp-11.0.13-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-el-6_0-api-11.0.13-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.aarch64"
},
"product_reference": "tomcat11-el-6_0-api-11.0.13-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-el-6_0-api-11.0.13-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.ppc64le"
},
"product_reference": "tomcat11-el-6_0-api-11.0.13-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-el-6_0-api-11.0.13-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.s390x"
},
"product_reference": "tomcat11-el-6_0-api-11.0.13-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-el-6_0-api-11.0.13-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.x86_64"
},
"product_reference": "tomcat11-el-6_0-api-11.0.13-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-embed-11.0.13-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.aarch64"
},
"product_reference": "tomcat11-embed-11.0.13-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-embed-11.0.13-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.ppc64le"
},
"product_reference": "tomcat11-embed-11.0.13-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-embed-11.0.13-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.s390x"
},
"product_reference": "tomcat11-embed-11.0.13-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-embed-11.0.13-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.x86_64"
},
"product_reference": "tomcat11-embed-11.0.13-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-jsp-4_0-api-11.0.13-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.aarch64"
},
"product_reference": "tomcat11-jsp-4_0-api-11.0.13-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-jsp-4_0-api-11.0.13-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.ppc64le"
},
"product_reference": "tomcat11-jsp-4_0-api-11.0.13-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-jsp-4_0-api-11.0.13-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.s390x"
},
"product_reference": "tomcat11-jsp-4_0-api-11.0.13-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-jsp-4_0-api-11.0.13-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.x86_64"
},
"product_reference": "tomcat11-jsp-4_0-api-11.0.13-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-jsvc-11.0.13-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.aarch64"
},
"product_reference": "tomcat11-jsvc-11.0.13-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-jsvc-11.0.13-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.ppc64le"
},
"product_reference": "tomcat11-jsvc-11.0.13-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-jsvc-11.0.13-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.s390x"
},
"product_reference": "tomcat11-jsvc-11.0.13-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-jsvc-11.0.13-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.x86_64"
},
"product_reference": "tomcat11-jsvc-11.0.13-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-lib-11.0.13-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.aarch64"
},
"product_reference": "tomcat11-lib-11.0.13-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-lib-11.0.13-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.ppc64le"
},
"product_reference": "tomcat11-lib-11.0.13-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-lib-11.0.13-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.s390x"
},
"product_reference": "tomcat11-lib-11.0.13-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-lib-11.0.13-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.x86_64"
},
"product_reference": "tomcat11-lib-11.0.13-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-servlet-6_1-api-11.0.13-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.aarch64"
},
"product_reference": "tomcat11-servlet-6_1-api-11.0.13-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-servlet-6_1-api-11.0.13-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.ppc64le"
},
"product_reference": "tomcat11-servlet-6_1-api-11.0.13-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-servlet-6_1-api-11.0.13-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.s390x"
},
"product_reference": "tomcat11-servlet-6_1-api-11.0.13-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-servlet-6_1-api-11.0.13-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.x86_64"
},
"product_reference": "tomcat11-servlet-6_1-api-11.0.13-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-webapps-11.0.13-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.aarch64"
},
"product_reference": "tomcat11-webapps-11.0.13-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-webapps-11.0.13-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.ppc64le"
},
"product_reference": "tomcat11-webapps-11.0.13-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-webapps-11.0.13-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.s390x"
},
"product_reference": "tomcat11-webapps-11.0.13-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-webapps-11.0.13-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.x86_64"
},
"product_reference": "tomcat11-webapps-11.0.13-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-55752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-55752"
}
],
"notes": [
{
"category": "general",
"text": "Relative Path Traversal vulnerability in Apache Tomcat.\n\nThe fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.6 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-55752",
"url": "https://www.suse.com/security/cve/CVE-2025-55752"
},
{
"category": "external",
"summary": "SUSE Bug 1252753 for CVE-2025-55752",
"url": "https://bugzilla.suse.com/1252753"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-55752"
},
{
"cve": "CVE-2025-55754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-55754"
}
],
"notes": [
{
"category": "general",
"text": "Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat.\n\nTomcat did not escape ANSI escape sequences in log messages. If Tomcat was running in a console on a Windows operating system, and the console supported ANSI escape sequences, it was possible for an attacker to use a specially crafted URL to inject ANSI escape sequences to manipulate the console and the clipboard and attempt to trick an administrator into running an attacker controlled command. While no attack vector was found, it may have been possible to mount this attack on other operating systems.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.40 through 9.0.108.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.60 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-55754",
"url": "https://www.suse.com/security/cve/CVE-2025-55754"
},
{
"category": "external",
"summary": "SUSE Bug 1252905 for CVE-2025-55754",
"url": "https://bugzilla.suse.com/1252905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-55754"
},
{
"cve": "CVE-2025-61795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61795"
}
],
"notes": [
{
"category": "general",
"text": "Improper Resource Shutdown or Release vulnerability in Apache Tomcat.\n\nIf an error occurred (including exceeding limits) during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage collection process to delete. Depending on JVM settings, application memory usage and application load, it was possible that space for the temporary copies of uploaded parts would be filled faster than GC cleared it, leading to a DoS.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.11, from 10.1.0-M1 through 10.1.46, from 9.0.0.M1 through 9.0.109.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.12 or later, 10.1.47 or later or 9.0.110 or later which fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61795",
"url": "https://www.suse.com/security/cve/CVE-2025-61795"
},
{
"category": "external",
"summary": "SUSE Bug 1252756 for CVE-2025-61795",
"url": "https://bugzilla.suse.com/1252756"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-admin-webapps-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-doc-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-docs-webapp-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-el-6_0-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-embed-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-jsp-4_0-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-jsvc-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-lib-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-servlet-6_1-api-11.0.13-1.1.x86_64",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.aarch64",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.ppc64le",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.s390x",
"openSUSE Tumbleweed:tomcat11-webapps-11.0.13-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-07T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-61795"
}
]
}
suse-su-2025:4103-1
Vulnerability from csaf_suse
Published
2025-11-14 09:56
Modified
2025-11-14 09:56
Summary
Security update for tomcat10
Notes
Title of the patch
Security update for tomcat10
Description of the patch
This update for tomcat10 fixes the following issues:
Update to Tomcat 10.1.48
- CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT
is enabled (bsc#1252753)
- CVE-2025-55754: Fixed improper neutralization of escape, meta, or control
sequences vulnerability (bsc#1252905)
- CVE-2025-61795: Fixed denial of service due to temporary copies during
the processing of multipart upload (bsc#1252756)
Patchnames
SUSE-2025-4103,SUSE-SLE-Module-Web-Scripting-15-SP6-2025-4103,SUSE-SLE-Module-Web-Scripting-15-SP7-2025-4103,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4103,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4103,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4103,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4103,openSUSE-SLE-15.6-2025-4103
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tomcat10",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for tomcat10 fixes the following issues:\n\nUpdate to Tomcat 10.1.48\n\n - CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT\n is enabled (bsc#1252753)\n - CVE-2025-55754: Fixed improper neutralization of escape, meta, or control \n sequences vulnerability (bsc#1252905)\n - CVE-2025-61795: Fixed denial of service due to temporary copies during \n the processing of multipart upload (bsc#1252756)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4103,SUSE-SLE-Module-Web-Scripting-15-SP6-2025-4103,SUSE-SLE-Module-Web-Scripting-15-SP7-2025-4103,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4103,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4103,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4103,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4103,openSUSE-SLE-15.6-2025-4103",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4103-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4103-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254103-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4103-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023281.html"
},
{
"category": "self",
"summary": "SUSE Bug 1252753",
"url": "https://bugzilla.suse.com/1252753"
},
{
"category": "self",
"summary": "SUSE Bug 1252756",
"url": "https://bugzilla.suse.com/1252756"
},
{
"category": "self",
"summary": "SUSE Bug 1252905",
"url": "https://bugzilla.suse.com/1252905"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-55752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-55752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-55754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-55754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61795 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61795/"
}
],
"title": "Security update for tomcat10",
"tracking": {
"current_release_date": "2025-11-14T09:56:37Z",
"generator": {
"date": "2025-11-14T09:56:37Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4103-1",
"initial_release_date": "2025-11-14T09:56:37Z",
"revision_history": [
{
"date": "2025-11-14T09:56:37Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "tomcat10-10.1.48-150200.5.54.1.noarch",
"product": {
"name": "tomcat10-10.1.48-150200.5.54.1.noarch",
"product_id": "tomcat10-10.1.48-150200.5.54.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"product": {
"name": "tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"product_id": "tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat10-doc-10.1.48-150200.5.54.1.noarch",
"product": {
"name": "tomcat10-doc-10.1.48-150200.5.54.1.noarch",
"product_id": "tomcat10-doc-10.1.48-150200.5.54.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat10-docs-webapp-10.1.48-150200.5.54.1.noarch",
"product": {
"name": "tomcat10-docs-webapp-10.1.48-150200.5.54.1.noarch",
"product_id": "tomcat10-docs-webapp-10.1.48-150200.5.54.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"product": {
"name": "tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"product_id": "tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat10-embed-10.1.48-150200.5.54.1.noarch",
"product": {
"name": "tomcat10-embed-10.1.48-150200.5.54.1.noarch",
"product_id": "tomcat10-embed-10.1.48-150200.5.54.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"product": {
"name": "tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"product_id": "tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat10-jsvc-10.1.48-150200.5.54.1.noarch",
"product": {
"name": "tomcat10-jsvc-10.1.48-150200.5.54.1.noarch",
"product_id": "tomcat10-jsvc-10.1.48-150200.5.54.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"product": {
"name": "tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"product_id": "tomcat10-lib-10.1.48-150200.5.54.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"product": {
"name": "tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"product_id": "tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"product": {
"name": "tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"product_id": "tomcat10-webapps-10.1.48-150200.5.54.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-web-scripting:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-web-scripting:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-lib-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-webapps-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-lib-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-webapps-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-lib-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-webapps-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-lib-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-webapps-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-lib-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-webapps-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-lib-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-webapps-10.1.48-150200.5.54.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-10.1.48-150200.5.54.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat10-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-doc-10.1.48-150200.5.54.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat10-doc-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-doc-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-docs-webapp-10.1.48-150200.5.54.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-docs-webapp-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-embed-10.1.48-150200.5.54.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat10-embed-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-embed-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-jsvc-10.1.48-150200.5.54.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat10-jsvc-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-jsvc-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-lib-10.1.48-150200.5.54.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat10-lib-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-webapps-10.1.48-150200.5.54.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch"
},
"product_reference": "tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-55752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-55752"
}
],
"notes": [
{
"category": "general",
"text": "Relative Path Traversal vulnerability in Apache Tomcat.\n\nThe fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.6 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-doc-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-embed-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-jsvc-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-55752",
"url": "https://www.suse.com/security/cve/CVE-2025-55752"
},
{
"category": "external",
"summary": "SUSE Bug 1252753 for CVE-2025-55752",
"url": "https://bugzilla.suse.com/1252753"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-doc-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-embed-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-jsvc-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-doc-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-embed-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-jsvc-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-14T09:56:37Z",
"details": "important"
}
],
"title": "CVE-2025-55752"
},
{
"cve": "CVE-2025-55754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-55754"
}
],
"notes": [
{
"category": "general",
"text": "Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat.\n\nTomcat did not escape ANSI escape sequences in log messages. If Tomcat was running in a console on a Windows operating system, and the console supported ANSI escape sequences, it was possible for an attacker to use a specially crafted URL to inject ANSI escape sequences to manipulate the console and the clipboard and attempt to trick an administrator into running an attacker controlled command. While no attack vector was found, it may have been possible to mount this attack on other operating systems.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.40 through 9.0.108.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.60 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-doc-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-embed-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-jsvc-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-55754",
"url": "https://www.suse.com/security/cve/CVE-2025-55754"
},
{
"category": "external",
"summary": "SUSE Bug 1252905 for CVE-2025-55754",
"url": "https://bugzilla.suse.com/1252905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-doc-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-embed-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-jsvc-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-doc-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-embed-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-jsvc-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-14T09:56:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-55754"
},
{
"cve": "CVE-2025-61795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61795"
}
],
"notes": [
{
"category": "general",
"text": "Improper Resource Shutdown or Release vulnerability in Apache Tomcat.\n\nIf an error occurred (including exceeding limits) during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage collection process to delete. Depending on JVM settings, application memory usage and application load, it was possible that space for the temporary copies of uploaded parts would be filled faster than GC cleared it, leading to a DoS.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.11, from 10.1.0-M1 through 10.1.46, from 9.0.0.M1 through 9.0.109.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.12 or later, 10.1.47 or later or 9.0.110 or later which fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-doc-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-embed-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-jsvc-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61795",
"url": "https://www.suse.com/security/cve/CVE-2025-61795"
},
{
"category": "external",
"summary": "SUSE Bug 1252756 for CVE-2025-61795",
"url": "https://bugzilla.suse.com/1252756"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-doc-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-embed-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-jsvc-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-doc-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-embed-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-jsvc-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-lib-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.48-150200.5.54.1.noarch",
"openSUSE Leap 15.6:tomcat10-webapps-10.1.48-150200.5.54.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-14T09:56:37Z",
"details": "moderate"
}
],
"title": "CVE-2025-61795"
}
]
}
suse-su-2025:4086-1
Vulnerability from csaf_suse
Published
2025-11-12 15:02
Modified
2025-11-12 15:02
Summary
Security update for tomcat11
Notes
Title of the patch
Security update for tomcat11
Description of the patch
This update for tomcat11 fixes the following issues:
Update to Tomcat 11.0.13
- CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT
is enabled (bsc#1252753)
- CVE-2025-55754: Fixed improper neutralization of escape, meta, or control
sequences vulnerability (bsc#1252905)
- CVE-2025-61795: Fixed denial of service due to temporary copies during
the processing of multipart upload (bsc#1252756)
Patchnames
SUSE-2025-4086,SUSE-SLE-Module-Web-Scripting-15-SP6-2025-4086,SUSE-SLE-Module-Web-Scripting-15-SP7-2025-4086,openSUSE-SLE-15.6-2025-4086
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tomcat11",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for tomcat11 fixes the following issues:\n\nUpdate to Tomcat 11.0.13\n\n - CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT\n is enabled (bsc#1252753)\n - CVE-2025-55754: Fixed improper neutralization of escape, meta, or control \n sequences vulnerability (bsc#1252905)\n - CVE-2025-61795: Fixed denial of service due to temporary copies during \n the processing of multipart upload (bsc#1252756)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4086,SUSE-SLE-Module-Web-Scripting-15-SP6-2025-4086,SUSE-SLE-Module-Web-Scripting-15-SP7-2025-4086,openSUSE-SLE-15.6-2025-4086",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4086-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4086-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254086-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4086-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023270.html"
},
{
"category": "self",
"summary": "SUSE Bug 1252753",
"url": "https://bugzilla.suse.com/1252753"
},
{
"category": "self",
"summary": "SUSE Bug 1252756",
"url": "https://bugzilla.suse.com/1252756"
},
{
"category": "self",
"summary": "SUSE Bug 1252905",
"url": "https://bugzilla.suse.com/1252905"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-55752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-55752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-55754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-55754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61795 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61795/"
}
],
"title": "Security update for tomcat11",
"tracking": {
"current_release_date": "2025-11-12T15:02:26Z",
"generator": {
"date": "2025-11-12T15:02:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4086-1",
"initial_release_date": "2025-11-12T15:02:26Z",
"revision_history": [
{
"date": "2025-11-12T15:02:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "tomcat11-11.0.13-150600.13.12.1.noarch",
"product": {
"name": "tomcat11-11.0.13-150600.13.12.1.noarch",
"product_id": "tomcat11-11.0.13-150600.13.12.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"product": {
"name": "tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"product_id": "tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat11-doc-11.0.13-150600.13.12.1.noarch",
"product": {
"name": "tomcat11-doc-11.0.13-150600.13.12.1.noarch",
"product_id": "tomcat11-doc-11.0.13-150600.13.12.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat11-docs-webapp-11.0.13-150600.13.12.1.noarch",
"product": {
"name": "tomcat11-docs-webapp-11.0.13-150600.13.12.1.noarch",
"product_id": "tomcat11-docs-webapp-11.0.13-150600.13.12.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"product": {
"name": "tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"product_id": "tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat11-embed-11.0.13-150600.13.12.1.noarch",
"product": {
"name": "tomcat11-embed-11.0.13-150600.13.12.1.noarch",
"product_id": "tomcat11-embed-11.0.13-150600.13.12.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"product": {
"name": "tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"product_id": "tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat11-jsvc-11.0.13-150600.13.12.1.noarch",
"product": {
"name": "tomcat11-jsvc-11.0.13-150600.13.12.1.noarch",
"product_id": "tomcat11-jsvc-11.0.13-150600.13.12.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"product": {
"name": "tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"product_id": "tomcat11-lib-11.0.13-150600.13.12.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"product": {
"name": "tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"product_id": "tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"product": {
"name": "tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"product_id": "tomcat11-webapps-11.0.13-150600.13.12.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-web-scripting:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-web-scripting:15:sp7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-11.0.13-150600.13.12.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-lib-11.0.13-150600.13.12.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-lib-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-webapps-11.0.13-150600.13.12.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-11.0.13-150600.13.12.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-lib-11.0.13-150600.13.12.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-lib-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-webapps-11.0.13-150600.13.12.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-webapps-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-11.0.13-150600.13.12.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat11-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-doc-11.0.13-150600.13.12.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat11-doc-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-doc-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-docs-webapp-11.0.13-150600.13.12.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat11-docs-webapp-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-docs-webapp-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-embed-11.0.13-150600.13.12.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat11-embed-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-embed-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-jsvc-11.0.13-150600.13.12.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat11-jsvc-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-jsvc-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-lib-11.0.13-150600.13.12.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat11-lib-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat11-webapps-11.0.13-150600.13.12.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch"
},
"product_reference": "tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-55752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-55752"
}
],
"notes": [
{
"category": "general",
"text": "Relative Path Traversal vulnerability in Apache Tomcat.\n\nThe fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.6 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-doc-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-docs-webapp-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-embed-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-jsvc-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-55752",
"url": "https://www.suse.com/security/cve/CVE-2025-55752"
},
{
"category": "external",
"summary": "SUSE Bug 1252753 for CVE-2025-55752",
"url": "https://bugzilla.suse.com/1252753"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-doc-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-docs-webapp-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-embed-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-jsvc-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-doc-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-docs-webapp-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-embed-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-jsvc-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-12T15:02:26Z",
"details": "important"
}
],
"title": "CVE-2025-55752"
},
{
"cve": "CVE-2025-55754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-55754"
}
],
"notes": [
{
"category": "general",
"text": "Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat.\n\nTomcat did not escape ANSI escape sequences in log messages. If Tomcat was running in a console on a Windows operating system, and the console supported ANSI escape sequences, it was possible for an attacker to use a specially crafted URL to inject ANSI escape sequences to manipulate the console and the clipboard and attempt to trick an administrator into running an attacker controlled command. While no attack vector was found, it may have been possible to mount this attack on other operating systems.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.40 through 9.0.108.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.60 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-doc-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-docs-webapp-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-embed-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-jsvc-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-55754",
"url": "https://www.suse.com/security/cve/CVE-2025-55754"
},
{
"category": "external",
"summary": "SUSE Bug 1252905 for CVE-2025-55754",
"url": "https://bugzilla.suse.com/1252905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-doc-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-docs-webapp-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-embed-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-jsvc-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-doc-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-docs-webapp-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-embed-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-jsvc-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-12T15:02:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-55754"
},
{
"cve": "CVE-2025-61795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61795"
}
],
"notes": [
{
"category": "general",
"text": "Improper Resource Shutdown or Release vulnerability in Apache Tomcat.\n\nIf an error occurred (including exceeding limits) during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage collection process to delete. Depending on JVM settings, application memory usage and application load, it was possible that space for the temporary copies of uploaded parts would be filled faster than GC cleared it, leading to a DoS.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.11, from 10.1.0-M1 through 10.1.46, from 9.0.0.M1 through 9.0.109.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.12 or later, 10.1.47 or later or 9.0.110 or later which fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-doc-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-docs-webapp-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-embed-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-jsvc-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61795",
"url": "https://www.suse.com/security/cve/CVE-2025-61795"
},
{
"category": "external",
"summary": "SUSE Bug 1252756 for CVE-2025-61795",
"url": "https://bugzilla.suse.com/1252756"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-doc-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-docs-webapp-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-embed-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-jsvc-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat11-webapps-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-admin-webapps-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-doc-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-docs-webapp-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-el-6_0-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-embed-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-jsp-4_0-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-jsvc-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-lib-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-servlet-6_1-api-11.0.13-150600.13.12.1.noarch",
"openSUSE Leap 15.6:tomcat11-webapps-11.0.13-150600.13.12.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-12T15:02:26Z",
"details": "moderate"
}
],
"title": "CVE-2025-61795"
}
]
}
suse-su-2025:4159-1
Vulnerability from csaf_suse
Published
2025-11-21 14:31
Modified
2025-11-21 14:31
Summary
Security update for tomcat
Notes
Title of the patch
Security update for tomcat
Description of the patch
This update for tomcat fixes the following issues:
Update to Tomcat 9.0.111:
- CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT
is enabled (bsc#1252753)
- CVE-2025-55754: Fixed improper neutralization of escape, meta, or control
sequences vulnerability (bsc#1252905)
- CVE-2025-61795: Fixed denial of service due to temporary copies during
the processing of multipart upload (bsc#1252756)
Patchnames
SUSE-2025-4159,SUSE-SLE-Module-Web-Scripting-15-SP6-2025-4159,SUSE-SLE-Module-Web-Scripting-15-SP7-2025-4159,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4159,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4159,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4159,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4159,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4159,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4159,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4159,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4159,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4159,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4159,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4159,SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-4159,SUSE-Storage-7.1-2025-4159,openSUSE-SLE-15.6-2025-4159
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tomcat",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for tomcat fixes the following issues:\n\n Update to Tomcat 9.0.111:\n\n - CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT\n is enabled (bsc#1252753)\n - CVE-2025-55754: Fixed improper neutralization of escape, meta, or control \n sequences vulnerability (bsc#1252905)\n - CVE-2025-61795: Fixed denial of service due to temporary copies during \n the processing of multipart upload (bsc#1252756)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4159,SUSE-SLE-Module-Web-Scripting-15-SP6-2025-4159,SUSE-SLE-Module-Web-Scripting-15-SP7-2025-4159,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4159,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4159,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4159,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4159,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4159,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4159,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4159,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4159,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4159,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4159,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4159,SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-4159,SUSE-Storage-7.1-2025-4159,openSUSE-SLE-15.6-2025-4159",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4159-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4159-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254159-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4159-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023311.html"
},
{
"category": "self",
"summary": "SUSE Bug 1252753",
"url": "https://bugzilla.suse.com/1252753"
},
{
"category": "self",
"summary": "SUSE Bug 1252756",
"url": "https://bugzilla.suse.com/1252756"
},
{
"category": "self",
"summary": "SUSE Bug 1252905",
"url": "https://bugzilla.suse.com/1252905"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-55752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-55752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-55754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-55754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61795 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61795/"
}
],
"title": "Security update for tomcat",
"tracking": {
"current_release_date": "2025-11-21T14:31:51Z",
"generator": {
"date": "2025-11-21T14:31:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4159-1",
"initial_release_date": "2025-11-21T14:31:51Z",
"revision_history": [
{
"date": "2025-11-21T14:31:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "tomcat-9.0.111-150200.96.1.noarch",
"product": {
"name": "tomcat-9.0.111-150200.96.1.noarch",
"product_id": "tomcat-9.0.111-150200.96.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"product": {
"name": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"product_id": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat-docs-webapp-9.0.111-150200.96.1.noarch",
"product": {
"name": "tomcat-docs-webapp-9.0.111-150200.96.1.noarch",
"product_id": "tomcat-docs-webapp-9.0.111-150200.96.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"product": {
"name": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"product_id": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat-embed-9.0.111-150200.96.1.noarch",
"product": {
"name": "tomcat-embed-9.0.111-150200.96.1.noarch",
"product_id": "tomcat-embed-9.0.111-150200.96.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat-javadoc-9.0.111-150200.96.1.noarch",
"product": {
"name": "tomcat-javadoc-9.0.111-150200.96.1.noarch",
"product_id": "tomcat-javadoc-9.0.111-150200.96.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"product": {
"name": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"product_id": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat-jsvc-9.0.111-150200.96.1.noarch",
"product": {
"name": "tomcat-jsvc-9.0.111-150200.96.1.noarch",
"product_id": "tomcat-jsvc-9.0.111-150200.96.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat-lib-9.0.111-150200.96.1.noarch",
"product": {
"name": "tomcat-lib-9.0.111-150200.96.1.noarch",
"product_id": "tomcat-lib-9.0.111-150200.96.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"product": {
"name": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"product_id": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch"
}
},
{
"category": "product_version",
"name": "tomcat-webapps-9.0.111-150200.96.1.noarch",
"product": {
"name": "tomcat-webapps-9.0.111-150200.96.1.noarch",
"product_id": "tomcat-webapps-9.0.111-150200.96.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-web-scripting:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-web-scripting:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server LTS 4.3",
"product": {
"name": "SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server-lts:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-lib-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-lib-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-admin-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-lib-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-lib-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-lib-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-lib-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-lib-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-lib-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-lib-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-lib-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-lib-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-lib-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-lib-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-lib-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-admin-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-lib-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-lib-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-admin-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-lib-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-lib-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-150200.96.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-150200.96.1.noarch as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:tomcat-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-150200.96.1.noarch as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:tomcat-lib-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-lib-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-150200.96.1.noarch as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:tomcat-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-150200.96.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:tomcat-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:tomcat-admin-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-150200.96.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:tomcat-lib-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-lib-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-150200.96.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:tomcat-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-9.0.111-150200.96.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-docs-webapp-9.0.111-150200.96.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat-docs-webapp-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-docs-webapp-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-embed-9.0.111-150200.96.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat-embed-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-embed-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-javadoc-9.0.111-150200.96.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat-javadoc-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-javadoc-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-jsvc-9.0.111-150200.96.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat-jsvc-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-jsvc-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-lib-9.0.111-150200.96.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat-lib-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-lib-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat-webapps-9.0.111-150200.96.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:tomcat-webapps-9.0.111-150200.96.1.noarch"
},
"product_reference": "tomcat-webapps-9.0.111-150200.96.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-55752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-55752"
}
],
"notes": [
{
"category": "general",
"text": "Relative Path Traversal vulnerability in Apache Tomcat.\n\nThe fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.6 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-webapps-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-docs-webapp-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-embed-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-javadoc-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-jsvc-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-lib-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-webapps-9.0.111-150200.96.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-55752",
"url": "https://www.suse.com/security/cve/CVE-2025-55752"
},
{
"category": "external",
"summary": "SUSE Bug 1252753 for CVE-2025-55752",
"url": "https://bugzilla.suse.com/1252753"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-webapps-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-docs-webapp-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-embed-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-javadoc-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-jsvc-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-lib-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-webapps-9.0.111-150200.96.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-webapps-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-docs-webapp-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-embed-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-javadoc-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-jsvc-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-lib-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-webapps-9.0.111-150200.96.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-21T14:31:51Z",
"details": "important"
}
],
"title": "CVE-2025-55752"
},
{
"cve": "CVE-2025-55754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-55754"
}
],
"notes": [
{
"category": "general",
"text": "Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat.\n\nTomcat did not escape ANSI escape sequences in log messages. If Tomcat was running in a console on a Windows operating system, and the console supported ANSI escape sequences, it was possible for an attacker to use a specially crafted URL to inject ANSI escape sequences to manipulate the console and the clipboard and attempt to trick an administrator into running an attacker controlled command. While no attack vector was found, it may have been possible to mount this attack on other operating systems.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.40 through 9.0.108.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.60 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-webapps-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-docs-webapp-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-embed-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-javadoc-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-jsvc-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-lib-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-webapps-9.0.111-150200.96.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-55754",
"url": "https://www.suse.com/security/cve/CVE-2025-55754"
},
{
"category": "external",
"summary": "SUSE Bug 1252905 for CVE-2025-55754",
"url": "https://bugzilla.suse.com/1252905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-webapps-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-docs-webapp-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-embed-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-javadoc-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-jsvc-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-lib-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-webapps-9.0.111-150200.96.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-webapps-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-docs-webapp-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-embed-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-javadoc-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-jsvc-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-lib-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-webapps-9.0.111-150200.96.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-21T14:31:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-55754"
},
{
"cve": "CVE-2025-61795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61795"
}
],
"notes": [
{
"category": "general",
"text": "Improper Resource Shutdown or Release vulnerability in Apache Tomcat.\n\nIf an error occurred (including exceeding limits) during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage collection process to delete. Depending on JVM settings, application memory usage and application load, it was possible that space for the temporary copies of uploaded parts would be filled faster than GC cleared it, leading to a DoS.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.11, from 10.1.0-M1 through 10.1.46, from 9.0.0.M1 through 9.0.109.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.12 or later, 10.1.47 or later or 9.0.110 or later which fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-webapps-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-docs-webapp-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-embed-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-javadoc-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-jsvc-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-lib-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-webapps-9.0.111-150200.96.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61795",
"url": "https://www.suse.com/security/cve/CVE-2025-61795"
},
{
"category": "external",
"summary": "SUSE Bug 1252756 for CVE-2025-61795",
"url": "https://bugzilla.suse.com/1252756"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-webapps-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-docs-webapp-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-embed-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-javadoc-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-jsvc-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-lib-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-webapps-9.0.111-150200.96.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Enterprise Storage 7.1:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat-webapps-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-lib-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"SUSE Manager Server LTS 4.3:tomcat-webapps-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-admin-webapps-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-docs-webapp-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-el-3_0-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-embed-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-javadoc-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-jsp-2_3-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-jsvc-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-lib-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-servlet-4_0-api-9.0.111-150200.96.1.noarch",
"openSUSE Leap 15.6:tomcat-webapps-9.0.111-150200.96.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-21T14:31:51Z",
"details": "moderate"
}
],
"title": "CVE-2025-61795"
}
]
}
wid-sec-w-2025-2420
Vulnerability from csaf_certbund
Published
2025-10-27 23:00
Modified
2025-10-28 23:00
Summary
Apache Tomcat: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apache Tomcat ist ein Web-Applikationsserver für verschiedene Plattformen.
Angriff
Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in Apache Tomcat ausnutzen, um beliebigen Programmcode auszuführen, Sicherheitsmaßnahmen zu umgehen, Daten zu manipulieren und einen Denial-of-Service-Zustand zu verursachen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apache Tomcat ist ein Web-Applikationsserver f\u00fcr verschiedene Plattformen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in Apache Tomcat ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, Daten zu manipulieren und einen Denial-of-Service-Zustand zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2420 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2420.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2420 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2420"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2025-10-27",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55752"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2025-10-27",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55754"
},
{
"category": "external",
"summary": "NIST Vulnerability Database vom 2025-10-27",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61795"
},
{
"category": "external",
"summary": "Apache Tomcat Security vom 2025-10-27",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.110"
},
{
"category": "external",
"summary": "Apache Tomcat Security vom 2025-10-27",
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.47"
},
{
"category": "external",
"summary": "Apache Tomcat Security vom 2025-10-27",
"url": "https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.12"
},
{
"category": "external",
"summary": "PoC CVE-2025-55752 vom 2025-10-28",
"url": "https://github.com/TAM-K592/CVE-2025-55752"
}
],
"source_lang": "en-US",
"title": "Apache Tomcat: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-28T23:00:00.000+00:00",
"generator": {
"date": "2025-10-29T05:38:27.157+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-2420",
"initial_release_date": "2025-10-27T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-10-27T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-10-28T23:00:00.000+00:00",
"number": "2",
"summary": "PoC f\u00fcr CVE-2025-55752 aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.47",
"product": {
"name": "Apache Tomcat \u003c10.1.47",
"product_id": "T048171"
}
},
{
"category": "product_version",
"name": "10.1.47",
"product": {
"name": "Apache Tomcat 10.1.47",
"product_id": "T048171-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:apache:tomcat:10.1.47"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.0.12",
"product": {
"name": "Apache Tomcat \u003c11.0.12",
"product_id": "T048172"
}
},
{
"category": "product_version",
"name": "11.0.12",
"product": {
"name": "Apache Tomcat 11.0.12",
"product_id": "T048172-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:apache:tomcat:11.0.12"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.0.110",
"product": {
"name": "Apache Tomcat \u003c9.0.110",
"product_id": "T048173"
}
},
{
"category": "product_version",
"name": "9.0.110",
"product": {
"name": "Apache Tomcat 9.0.110",
"product_id": "T048173-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:apache:tomcat:9.0.110"
}
}
}
],
"category": "product_name",
"name": "Tomcat"
}
],
"category": "vendor",
"name": "Apache"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-55752",
"product_status": {
"known_affected": [
"T048171",
"T048173",
"T048172"
]
},
"release_date": "2025-10-27T23:00:00.000+00:00",
"title": "CVE-2025-55752"
},
{
"cve": "CVE-2025-55754",
"product_status": {
"known_affected": [
"T048171",
"T048173",
"T048172"
]
},
"release_date": "2025-10-27T23:00:00.000+00:00",
"title": "CVE-2025-55754"
},
{
"cve": "CVE-2025-61795",
"product_status": {
"known_affected": [
"T048171",
"T048173",
"T048172"
]
},
"release_date": "2025-10-27T23:00:00.000+00:00",
"title": "CVE-2025-61795"
}
]
}
rhsa-2025:19809
Vulnerability from csaf_redhat
Published
2025-11-06 16:32
Modified
2025-11-21 19:30
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 6.1.3 release and security update
Notes
Topic
Red Hat JBoss Web Server 6.1.3 is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library.
This release of Red Hat JBoss Web Server 6.1.3 serves as a replacement for Red Hat JBoss Web Server 6.1.2. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes that are linked to in the References section.
Security Fix(es):
* tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE [jws-6] (CVE-2025-55752)
* tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve [jws-6] (CVE-2025-31651)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss Web Server 6.1.3 is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 6.1.3 serves as a replacement for Red Hat JBoss Web Server 6.1.2. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes that are linked to in the References section.\n\nSecurity Fix(es):\n\n* tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE [jws-6] (CVE-2025-55752)\n* tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve [jws-6] (CVE-2025-31651)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:19809",
"url": "https://access.redhat.com/errata/RHSA-2025:19809"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_web_server/6.1/html/red_hat_jboss_web_server_6.1_service_pack_3_release_notes/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_web_server/6.1/html/red_hat_jboss_web_server_6.1_service_pack_3_release_notes/index"
},
{
"category": "external",
"summary": "2362782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362782"
},
{
"category": "external",
"summary": "2406591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406591"
},
{
"category": "external",
"summary": "JWS-3618",
"url": "https://issues.redhat.com/browse/JWS-3618"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_19809.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Web Server 6.1.3 release and security update",
"tracking": {
"current_release_date": "2025-11-21T19:30:27+00:00",
"generator": {
"date": "2025-11-21T19:30:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:19809",
"initial_release_date": "2025-11-06T16:32:43+00:00",
"revision_history": [
{
"date": "2025-11-06T16:32:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-06T16:32:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:30:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 6.1 for RHEL 10",
"product": {
"name": "Red Hat JBoss Web Server 6.1 for RHEL 10",
"product_id": "10Base-JWS-6.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:6.1::el10"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 6.1 for RHEL 8",
"product": {
"name": "Red Hat JBoss Web Server 6.1 for RHEL 8",
"product_id": "8Base-JWS-6.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:6.1::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 6.1 for RHEL 9",
"product": {
"name": "Red Hat JBoss Web Server 6.1 for RHEL 9",
"product_id": "9Base-JWS-6.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:6.1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
},
{
"branches": [
{
"category": "product_version",
"name": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.src",
"product": {
"name": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.src",
"product_id": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat@10.1.36-19.redhat_00018.1.el10jws?arch=src"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.src",
"product": {
"name": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.src",
"product_id": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat@10.1.36-19.redhat_00018.1.el8jws?arch=src"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.src",
"product": {
"name": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.src",
"product_id": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat@10.1.36-19.redhat_00018.1.el9jws?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product": {
"name": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_id": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat@10.1.36-19.redhat_00018.1.el10jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product": {
"name": "jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_id": "jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-admin-webapps@10.1.36-19.redhat_00018.1.el10jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product": {
"name": "jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_id": "jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-docs-webapp@10.1.36-19.redhat_00018.1.el10jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product": {
"name": "jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_id": "jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-el-5.0-api@10.1.36-19.redhat_00018.1.el10jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product": {
"name": "jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_id": "jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-javadoc@10.1.36-19.redhat_00018.1.el10jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product": {
"name": "jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_id": "jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-jsp-3.1-api@10.1.36-19.redhat_00018.1.el10jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product": {
"name": "jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_id": "jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-lib@10.1.36-19.redhat_00018.1.el10jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product": {
"name": "jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_id": "jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-selinux@10.1.36-19.redhat_00018.1.el10jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product": {
"name": "jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_id": "jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-servlet-6.0-api@10.1.36-19.redhat_00018.1.el10jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product": {
"name": "jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_id": "jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-webapps@10.1.36-19.redhat_00018.1.el10jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product": {
"name": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_id": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat@10.1.36-19.redhat_00018.1.el8jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product": {
"name": "jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_id": "jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-admin-webapps@10.1.36-19.redhat_00018.1.el8jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product": {
"name": "jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_id": "jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-docs-webapp@10.1.36-19.redhat_00018.1.el8jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product": {
"name": "jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_id": "jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-el-5.0-api@10.1.36-19.redhat_00018.1.el8jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product": {
"name": "jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_id": "jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-javadoc@10.1.36-19.redhat_00018.1.el8jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product": {
"name": "jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_id": "jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-jsp-3.1-api@10.1.36-19.redhat_00018.1.el8jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product": {
"name": "jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_id": "jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-lib@10.1.36-19.redhat_00018.1.el8jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product": {
"name": "jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_id": "jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-selinux@10.1.36-19.redhat_00018.1.el8jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product": {
"name": "jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_id": "jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-servlet-6.0-api@10.1.36-19.redhat_00018.1.el8jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product": {
"name": "jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_id": "jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-webapps@10.1.36-19.redhat_00018.1.el8jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product": {
"name": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_id": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat@10.1.36-19.redhat_00018.1.el9jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product": {
"name": "jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_id": "jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-admin-webapps@10.1.36-19.redhat_00018.1.el9jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product": {
"name": "jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_id": "jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-docs-webapp@10.1.36-19.redhat_00018.1.el9jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product": {
"name": "jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_id": "jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-el-5.0-api@10.1.36-19.redhat_00018.1.el9jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product": {
"name": "jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_id": "jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-javadoc@10.1.36-19.redhat_00018.1.el9jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product": {
"name": "jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_id": "jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-jsp-3.1-api@10.1.36-19.redhat_00018.1.el9jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product": {
"name": "jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_id": "jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-lib@10.1.36-19.redhat_00018.1.el9jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product": {
"name": "jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_id": "jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-selinux@10.1.36-19.redhat_00018.1.el9jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product": {
"name": "jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_id": "jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-servlet-6.0-api@10.1.36-19.redhat_00018.1.el9jws?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product": {
"name": "jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_id": "jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jws6-tomcat-webapps@10.1.36-19.redhat_00018.1.el9jws?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 10",
"product_id": "10Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.noarch"
},
"product_reference": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"relates_to_product_reference": "10Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.src as a component of Red Hat JBoss Web Server 6.1 for RHEL 10",
"product_id": "10Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.src"
},
"product_reference": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.src",
"relates_to_product_reference": "10Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 10",
"product_id": "10Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch"
},
"product_reference": "jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"relates_to_product_reference": "10Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el10jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 10",
"product_id": "10Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el10jws.noarch"
},
"product_reference": "jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"relates_to_product_reference": "10Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 10",
"product_id": "10Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch"
},
"product_reference": "jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"relates_to_product_reference": "10Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el10jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 10",
"product_id": "10Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el10jws.noarch"
},
"product_reference": "jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"relates_to_product_reference": "10Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 10",
"product_id": "10Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch"
},
"product_reference": "jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"relates_to_product_reference": "10Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el10jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 10",
"product_id": "10Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el10jws.noarch"
},
"product_reference": "jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"relates_to_product_reference": "10Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el10jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 10",
"product_id": "10Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el10jws.noarch"
},
"product_reference": "jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"relates_to_product_reference": "10Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 10",
"product_id": "10Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch"
},
"product_reference": "jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"relates_to_product_reference": "10Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 10",
"product_id": "10Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch"
},
"product_reference": "jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"relates_to_product_reference": "10Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 8",
"product_id": "8Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.noarch"
},
"product_reference": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"relates_to_product_reference": "8Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.src as a component of Red Hat JBoss Web Server 6.1 for RHEL 8",
"product_id": "8Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.src"
},
"product_reference": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.src",
"relates_to_product_reference": "8Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 8",
"product_id": "8Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch"
},
"product_reference": "jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"relates_to_product_reference": "8Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 8",
"product_id": "8Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el8jws.noarch"
},
"product_reference": "jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"relates_to_product_reference": "8Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 8",
"product_id": "8Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch"
},
"product_reference": "jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"relates_to_product_reference": "8Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 8",
"product_id": "8Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el8jws.noarch"
},
"product_reference": "jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"relates_to_product_reference": "8Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 8",
"product_id": "8Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch"
},
"product_reference": "jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"relates_to_product_reference": "8Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 8",
"product_id": "8Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el8jws.noarch"
},
"product_reference": "jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"relates_to_product_reference": "8Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 8",
"product_id": "8Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el8jws.noarch"
},
"product_reference": "jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"relates_to_product_reference": "8Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 8",
"product_id": "8Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch"
},
"product_reference": "jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"relates_to_product_reference": "8Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 8",
"product_id": "8Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch"
},
"product_reference": "jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"relates_to_product_reference": "8Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 9",
"product_id": "9Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.noarch"
},
"product_reference": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"relates_to_product_reference": "9Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.src as a component of Red Hat JBoss Web Server 6.1 for RHEL 9",
"product_id": "9Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.src"
},
"product_reference": "jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.src",
"relates_to_product_reference": "9Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 9",
"product_id": "9Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch"
},
"product_reference": "jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"relates_to_product_reference": "9Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 9",
"product_id": "9Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el9jws.noarch"
},
"product_reference": "jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"relates_to_product_reference": "9Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 9",
"product_id": "9Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch"
},
"product_reference": "jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"relates_to_product_reference": "9Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 9",
"product_id": "9Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el9jws.noarch"
},
"product_reference": "jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"relates_to_product_reference": "9Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 9",
"product_id": "9Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch"
},
"product_reference": "jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"relates_to_product_reference": "9Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 9",
"product_id": "9Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el9jws.noarch"
},
"product_reference": "jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"relates_to_product_reference": "9Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 9",
"product_id": "9Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el9jws.noarch"
},
"product_reference": "jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"relates_to_product_reference": "9Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 9",
"product_id": "9Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch"
},
"product_reference": "jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"relates_to_product_reference": "9Base-JWS-6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.1 for RHEL 9",
"product_id": "9Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch"
},
"product_reference": "jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"relates_to_product_reference": "9Base-JWS-6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-31651",
"cwe": {
"id": "CWE-150",
"name": "Improper Neutralization of Escape, Meta, or Control Sequences"
},
"discovery_date": "2025-04-28T20:00:56.551028+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2362782"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Tomcat\u0027s rewrite rule processing component. This vulnerability allows security constraints to be bypassed via specially crafted HTTP requests when specific, uncommon rewrite rule configurations are in use.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as Low severity because it only manifests under a narrow set of conditions involving uncommon and non-default rewrite rule configurations that rely on specific patterns in the raw requestURI, including path parameters. In most deployments, rewrite rules operate on decoded and normalized URIs or are used for non-security-critical purposes like routing. Furthermore, Tomcat\u2019s internal processing already normalizes and removes path parameters (;-delimited) before applying security constraints, meaning any bypass would only be feasible if the rewrite logic directly enforced security (which is a poor practice). The flaw does not allow direct code execution, data leakage, or privilege escalation unless the rewrite rule was explicitly misused as a substitute for proper access control. \n\nIts impact is further mitigated by the fact that rewrite rules are not typically relied upon for access enforcement. As such, while the bug may lead to incorrect rule evaluation under certain edge-case configurations, it does not represent a significant security risk in practice.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"10Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.src",
"10Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.src",
"8Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.src",
"9Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-31651"
},
{
"category": "external",
"summary": "RHBZ#2362782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362782"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-31651",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-31651",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31651"
},
{
"category": "external",
"summary": "https://lists.apache.org/list.html?announce@tomcat.apache.org",
"url": "https://lists.apache.org/list.html?announce@tomcat.apache.org"
}
],
"release_date": "2025-04-28T19:17:21.721000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-06T16:32:43+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"10Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.src",
"10Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.src",
"8Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.src",
"9Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19809"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"10Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.src",
"10Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.src",
"8Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.src",
"9Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"10Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.src",
"10Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.src",
"8Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.src",
"9Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve"
},
{
"cve": "CVE-2025-55752",
"cwe": {
"id": "CWE-23",
"name": "Relative Path Traversal"
},
"discovery_date": "2025-10-27T18:01:22.818037+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406591"
}
],
"notes": [
{
"category": "description",
"text": "A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If HTTP PUT requests are also enabled, this flaw could allow the upload of malicious files, potentially leading to remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as Important rather than Critical because successful exploitation depends on specific, non-default configuration conditions. The flaw only becomes exploitable when both URL rewriting rules that modify the request path are in use and HTTP PUT requests are enabled \u2014 a feature typically restricted to administrative or trusted users. In standard Tomcat deployments, PUT is disabled or tightly controlled, and rewrite configurations rarely expose sensitive paths. Therefore, while the issue could theoretically lead to remote code execution, the limited attack surface and requirement for uncommon setup conditions significantly reduce its overall risk level.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"10Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.src",
"10Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.src",
"8Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.src",
"9Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-55752"
},
{
"category": "external",
"summary": "RHBZ#2406591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406591"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-55752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55752"
},
{
"category": "external",
"summary": "https://github.com/apache/tomcat/commit/fec06c610ed7466b401e29cc567a58aee5ed826a",
"url": "https://github.com/apache/tomcat/commit/fec06c610ed7466b401e29cc567a58aee5ed826a"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog",
"url": "https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog"
}
],
"release_date": "2025-10-27T17:29:56.060000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-06T16:32:43+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"10Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.src",
"10Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.src",
"8Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.src",
"9Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19809"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\n\nTo reduced the risk, by disabling or strictly limiting the use of HTTP PUT requests to trusted, authenticated users only. Additionally, administrators should review and adjust URL rewrite rules to ensure they do not manipulate request paths in ways that could expose protected directories such as /WEB-INF/ or /META-INF/. Implementing strict access controls and monitoring for unexpected rewrite or upload behavior can further minimize potential exploitation.",
"product_ids": [
"10Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.src",
"10Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.src",
"8Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.src",
"9Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"10Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el10jws.src",
"10Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"10Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el10jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el8jws.src",
"8Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"8Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el8jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-0:10.1.36-19.redhat_00018.1.el9jws.src",
"9Base-JWS-6.1:jws6-tomcat-admin-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-docs-webapp-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-el-5.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-javadoc-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-jsp-3.1-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-lib-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-selinux-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-servlet-6.0-api-0:10.1.36-19.redhat_00018.1.el9jws.noarch",
"9Base-JWS-6.1:jws6-tomcat-webapps-0:10.1.36-19.redhat_00018.1.el9jws.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE"
}
]
}
rhsa-2025:19810
Vulnerability from csaf_redhat
Published
2025-11-06 16:24
Modified
2025-11-21 19:30
Summary
Red Hat Security Advisory: Red Hat JBoss Web Server 6.1.3 release and security update
Notes
Topic
Red Hat JBoss Web Server 6.1.3 zip release is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10, and Windows Server.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library.
This release of Red Hat JBoss Web Server 6.1.3 serves as a replacement for Red Hat JBoss Web Server 6.1.2. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes that are linked to in the References section.
Security Fix(es):
* tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE [jws-6] (CVE-2025-55752)
* tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve [jws-6] (CVE-2025-31651)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss Web Server 6.1.3 zip release is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10, and Windows Server.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 6.1.3 serves as a replacement for Red Hat JBoss Web Server 6.1.2. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes that are linked to in the References section.\n\nSecurity Fix(es):\n\n* tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE [jws-6] (CVE-2025-55752)\n* tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve [jws-6] (CVE-2025-31651)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:19810",
"url": "https://access.redhat.com/errata/RHSA-2025:19810"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_web_server/6.1/html/red_hat_jboss_web_server_6.1_service_pack_3_release_notes/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_web_server/6.1/html/red_hat_jboss_web_server_6.1_service_pack_3_release_notes/index"
},
{
"category": "external",
"summary": "2362782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362782"
},
{
"category": "external",
"summary": "2406591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406591"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_19810.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Web Server 6.1.3 release and security update",
"tracking": {
"current_release_date": "2025-11-21T19:30:27+00:00",
"generator": {
"date": "2025-11-21T19:30:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:19810",
"initial_release_date": "2025-11-06T16:24:24+00:00",
"revision_history": [
{
"date": "2025-11-06T16:24:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-06T16:24:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:30:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Web Server 6.1.3",
"product": {
"name": "Red Hat JBoss Web Server 6.1.3",
"product_id": "Red Hat JBoss Web Server 6.1.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:6.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Server"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-31651",
"cwe": {
"id": "CWE-150",
"name": "Improper Neutralization of Escape, Meta, or Control Sequences"
},
"discovery_date": "2025-04-28T20:00:56.551028+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2362782"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Tomcat\u0027s rewrite rule processing component. This vulnerability allows security constraints to be bypassed via specially crafted HTTP requests when specific, uncommon rewrite rule configurations are in use.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as Low severity because it only manifests under a narrow set of conditions involving uncommon and non-default rewrite rule configurations that rely on specific patterns in the raw requestURI, including path parameters. In most deployments, rewrite rules operate on decoded and normalized URIs or are used for non-security-critical purposes like routing. Furthermore, Tomcat\u2019s internal processing already normalizes and removes path parameters (;-delimited) before applying security constraints, meaning any bypass would only be feasible if the rewrite logic directly enforced security (which is a poor practice). The flaw does not allow direct code execution, data leakage, or privilege escalation unless the rewrite rule was explicitly misused as a substitute for proper access control. \n\nIts impact is further mitigated by the fact that rewrite rules are not typically relied upon for access enforcement. As such, while the bug may lead to incorrect rule evaluation under certain edge-case configurations, it does not represent a significant security risk in practice.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 6.1.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-31651"
},
{
"category": "external",
"summary": "RHBZ#2362782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362782"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-31651",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-31651",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31651"
},
{
"category": "external",
"summary": "https://lists.apache.org/list.html?announce@tomcat.apache.org",
"url": "https://lists.apache.org/list.html?announce@tomcat.apache.org"
}
],
"release_date": "2025-04-28T19:17:21.721000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-06T16:24:24+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation, including all applications and configuration files.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Web Server 6.1.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19810"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat JBoss Web Server 6.1.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Web Server 6.1.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve"
},
{
"cve": "CVE-2025-55752",
"cwe": {
"id": "CWE-23",
"name": "Relative Path Traversal"
},
"discovery_date": "2025-10-27T18:01:22.818037+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406591"
}
],
"notes": [
{
"category": "description",
"text": "A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If HTTP PUT requests are also enabled, this flaw could allow the upload of malicious files, potentially leading to remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as Important rather than Critical because successful exploitation depends on specific, non-default configuration conditions. The flaw only becomes exploitable when both URL rewriting rules that modify the request path are in use and HTTP PUT requests are enabled \u2014 a feature typically restricted to administrative or trusted users. In standard Tomcat deployments, PUT is disabled or tightly controlled, and rewrite configurations rarely expose sensitive paths. Therefore, while the issue could theoretically lead to remote code execution, the limited attack surface and requirement for uncommon setup conditions significantly reduce its overall risk level.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Server 6.1.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-55752"
},
{
"category": "external",
"summary": "RHBZ#2406591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406591"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-55752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55752"
},
{
"category": "external",
"summary": "https://github.com/apache/tomcat/commit/fec06c610ed7466b401e29cc567a58aee5ed826a",
"url": "https://github.com/apache/tomcat/commit/fec06c610ed7466b401e29cc567a58aee5ed826a"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog",
"url": "https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog"
}
],
"release_date": "2025-10-27T17:29:56.060000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-06T16:24:24+00:00",
"details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation, including all applications and configuration files.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Web Server 6.1.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19810"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\n\nTo reduced the risk, by disabling or strictly limiting the use of HTTP PUT requests to trusted, authenticated users only. Additionally, administrators should review and adjust URL rewrite rules to ensure they do not manipulate request paths in ways that could expose protected directories such as /WEB-INF/ or /META-INF/. Implementing strict access controls and monitoring for unexpected rewrite or upload behavior can further minimize potential exploitation.",
"product_ids": [
"Red Hat JBoss Web Server 6.1.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Web Server 6.1.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE"
}
]
}
CERTFR-2025-AVI-0967
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Platform | File Integrity Monitoring pour VMware Tanzu Platform versions antérieures à 2.1.49 | ||
| VMware | Tanzu Platform | Cloud Service Broker pour Azure pour VMware Tanzu Platform versions antérieures à 1.13.1 | ||
| VMware | Tanzu Platform | AI Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Platform | Scheduler pour VMware Tanzu Platform versions antérieures à 2.0.21 | ||
| VMware | Tanzu Platform | Foundation Core pour VMware Tanzu Platform versions antérieures à 3.1.4 | ||
| VMware | Tanzu Platform | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Platform | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Platform | .NET Core Buildpack versions antérieures à 2.4.64 | ||
| VMware | Tanzu Platform | VMware Tanzu Data Flow sur Tanzu Platform versions antérieures à 2.0.0 | ||
| VMware | Tanzu Platform | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 10.2.4 | ||
| VMware | Tanzu Platform | CredHub Secrets Management pour VMware Tanzu Platform versions antérieures à 1.6.7 | ||
| VMware | Tanzu Platform | Extended App Support pour Tanzu Platform versions antérieures à 1.0.8 | ||
| VMware | Tanzu Platform | Go Buildpack versions antérieures à 1.10.57 | ||
| VMware | Tanzu Platform | VMware Tanzu RabbitMQ sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Platform | NodeJS Buildpack versions antérieures à 1.8.61 | ||
| VMware | Tanzu Platform | Foundation Core pour VMware Tanzu Platform versions antérieures à 3.2.0 | ||
| VMware | Tanzu Platform | Application Services pour VMware Tanzu Platform versions antérieures à 3.3.11 | ||
| VMware | Tanzu Platform | IPsec Encryption pour VMware Tanzu Platform versions antérieures à 1.9.68 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "File Integrity Monitoring pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.1.49",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Cloud Service Broker pour Azure pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.13.1",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "AI Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Scheduler pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.0.21",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Foundation Core pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 3.1.4",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": ".NET Core Buildpack versions ant\u00e9rieures \u00e0 2.4.64",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu Data Flow sur Tanzu Platform versions ant\u00e9rieures \u00e0 2.0.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Secrets Management pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.6.7",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Extended App Support pour Tanzu Platform versions ant\u00e9rieures \u00e0 1.0.8",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Go Buildpack versions ant\u00e9rieures \u00e0 1.10.57",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu RabbitMQ sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.61",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Foundation Core pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Application Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 3.3.11",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "IPsec Encryption pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.9.68",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2024-36138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36138"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2024-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22020"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2024-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21890"
},
{
"name": "CVE-2024-21896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21896"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2024-7409",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7409"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2024-6505",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6505"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2024-43484",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43484"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2024-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22025"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2025-54798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54798"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2024-3447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3447"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2023-46809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46809"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38229"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2024-43483",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43483"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-38552",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38552"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-58446",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58446"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2024-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3446"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2024-22019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22019"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2024-4467",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4467"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2024-27983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27983"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2025-59425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59425"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2023-30584",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30584"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2024-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21892"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2024-27982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27982"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2024-37372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37372"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2024-43485",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43485"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2024-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22018"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2025-6242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6242"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2024-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21891"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2024-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22017"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-61620",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61620"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2024-8244",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8244"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2023-39331",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39331"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2023-39332",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39332"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2024-27980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27980"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2023-39333",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39333"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2024-36137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36137"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
}
],
"initial_release_date": "2025-11-05T00:00:00",
"last_revision_date": "2025-11-05T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0967",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-05T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36323",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36323"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36343",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36343"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-99",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36326"
},
{
"published_at": "2025-11-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36305",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36305"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36345",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36345"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36329"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-81",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36316"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36331"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36334",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36334"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36335",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36335"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36340",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36340"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36319",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36319"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36339",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36339"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36322",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36322"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36321",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36321"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-68",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36324"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36336",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36336"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36318",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36318"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36337",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36337"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36346",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36346"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-81",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36315"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36317",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36317"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36344",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36344"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36341",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36341"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36314",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36314"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36330"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36332",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36332"
},
{
"published_at": "2025-11-04",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36304",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36304"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36342",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36342"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36333",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36333"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-99",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36327"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36338",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36338"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36328"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-68",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36325"
}
]
}
CERTFR-2025-AVI-0933
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Apache Tomcat. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tomcat versions 11.0.x ant\u00e9rieures \u00e0 11.0.12",
"product": {
"name": "Tomcat",
"vendor": {
"name": "Apache",
"scada": false
}
}
},
{
"description": "Tomcat versions 10.1.x ant\u00e9rieures \u00e0 10.1.47",
"product": {
"name": "Tomcat",
"vendor": {
"name": "Apache",
"scada": false
}
}
},
{
"description": "Tomcat versions 9.0.x ant\u00e9rieures \u00e0 9.0.110",
"product": {
"name": "Tomcat",
"vendor": {
"name": "Apache",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
}
],
"initial_release_date": "2025-10-28T00:00:00",
"last_revision_date": "2025-10-28T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0933",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-28T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Apache Tomcat. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Apache Tomcat",
"vendor_advisories": [
{
"published_at": "2025-10-07",
"title": "Bulletin de s\u00e9curit\u00e9 Apache Tomcat Apache_Tomcat_11.0.12",
"url": "https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.12"
},
{
"published_at": "2025-10-06",
"title": "Bulletin de s\u00e9curit\u00e9 Apache Tomcat Apache_Tomcat_9.0.110",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.110"
},
{
"published_at": "2025-10-07",
"title": "Bulletin de s\u00e9curit\u00e9 Apache Tomcat Apache_Tomcat_10.1.47",
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.47"
}
]
}
CERTFR-2025-AVI-0969
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | GenAI sur Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.90.x | ||
| VMware | Tanzu Kubernetes Runtime | NodeJS Buildpack versions antérieures à 1.8.58 | ||
| VMware | Tanzu Kubernetes Runtime | Python Buildpack versions antérieures à 1.8.63 | ||
| VMware | Tanzu Kubernetes Runtime | VMware Tanzu pour MySQL sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Kubernetes Runtime | API Gateway pour VMware Tanzu Platform versions antérieures à 2.4.0 | ||
| VMware | Tanzu Kubernetes Runtime | PHP Buildpack versions antérieures à 4.6.49 | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Platform versions antérieures à 1.16.14 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.915.x | ||
| VMware | Tanzu Application Service | CredHub Service Broker versions antérieures à 1.6.6 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.915.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Application Service versions antérieures à 1.16.13 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.77.x | ||
| VMware | Services Suite | Platform Automation Toolkit versions antérieures à 5.3.2 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy Azure Light) versions antérieures à 1.906.x | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Data Flow pour VMware Tanzu versions antérieures à 1.14.9 | ||
| VMware | Tanzu Kubernetes Runtime | App Autoscaler CLI Plugin pour VMware Tanzu Platform versions antérieures à 250.5.9 | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Services pour VMware Tanzu versions antérieures à 3.3.10 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Concourse pour VMware Tanzu versions antérieures à 7.14.1+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Platform Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Ruby Buildpack versions antérieures à 1.10.46 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Telemetry pour VMware Tanzu Platform versions antérieures à 2.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.103.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.906.x |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GenAI sur Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.90.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.58",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Python Buildpack versions ant\u00e9rieures \u00e0 1.8.63",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour MySQL sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "API Gateway pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "PHP Buildpack versions ant\u00e9rieures \u00e0 4.6.49",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.16.14",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Service Broker versions ant\u00e9rieures \u00e0 1.6.6",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.13",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.77.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Automation Toolkit versions ant\u00e9rieures \u00e0 5.3.2",
"product": {
"name": "Services Suite",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy Azure Light) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow pour VMware Tanzu versions ant\u00e9rieures \u00e0 1.14.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "App Autoscaler CLI Plugin pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 250.5.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services pour VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.10",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Concourse pour VMware Tanzu versions ant\u00e9rieures \u00e0 7.14.1+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Ruby Buildpack versions ant\u00e9rieures \u00e0 1.10.46",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telemetry pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.103.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2022-25308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25308"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-27102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27102"
},
{
"name": "CVE-2022-43236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43236"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2005-0602",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0602"
},
{
"name": "CVE-2017-6834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6834"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-3428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3428"
},
{
"name": "CVE-2021-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3933"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-43237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43237"
},
{
"name": "CVE-2021-23215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23215"
},
{
"name": "CVE-2022-1115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1115"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
},
{
"name": "CVE-2025-3264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3264"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2025-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53547"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2025-26465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26465"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2023-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3195"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2021-20243",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20243"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2023-1175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1175"
},
{
"name": "CVE-2024-57948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57948"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2014-9157",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9157"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2020-14803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14803"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2025-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2025-21689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21689"
},
{
"name": "CVE-2025-21682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21682"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2021-26260",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26260"
},
{
"name": "CVE-2023-0922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0922"
},
{
"name": "CVE-2025-38100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
},
{
"name": "CVE-2017-18250",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18250"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-40002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40002"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2025-8851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8851"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2025-21697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21697"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2001-1268",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1268"
},
{
"name": "CVE-2022-2874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2874"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2025-21786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21786"
},
{
"name": "CVE-2024-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11187"
},
{
"name": "CVE-2020-27769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27769"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2014-9748",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9748"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2014-8141",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8141"
},
{
"name": "CVE-2022-1623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1623"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2024-38829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38829"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2017-6831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6831"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2025-25724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2021-3997",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2023-38471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38471"
},
{
"name": "CVE-2022-0158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0158"
},
{
"name": "CVE-2020-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27776"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2023-34475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34475"
},
{
"name": "CVE-2024-26896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
},
{
"name": "CVE-2025-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-24762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24762"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2022-0696",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0696"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2025-12380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12380"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2022-2929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2929"
},
{
"name": "CVE-2018-15120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15120"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-8556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2025-4287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4287"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2023-48237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48237"
},
{
"name": "CVE-2023-48706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48706"
},
{
"name": "CVE-2021-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3605"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-25126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25126"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8277"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2017-10928",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10928"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2025-38163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38163"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2017-12429",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12429"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2019-8322",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8322"
},
{
"name": "CVE-2024-52615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52615"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2023-2157",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2157"
},
{
"name": "CVE-2025-32386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32386"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-11731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11731"
},
{
"name": "CVE-2019-1010238",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010238"
},
{
"name": "CVE-2024-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
},
{
"name": "CVE-2024-58082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
},
{
"name": "CVE-2024-35176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35176"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2025-55551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55551"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2025-40780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40780"
},
{
"name": "CVE-2023-48368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48368"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2025-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
},
{
"name": "CVE-2023-24757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24757"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-21678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21678"
},
{
"name": "CVE-2025-4056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4056"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2022-31683",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31683"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2025-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21872"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2017-6832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6832"
},
{
"name": "CVE-2022-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2208"
},
{
"name": "CVE-2024-45720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45720"
},
{
"name": "CVE-2022-1056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1056"
},
{
"name": "CVE-2018-10805",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10805"
},
{
"name": "CVE-2019-19906",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
},
{
"name": "CVE-2025-38219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2025-38466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2020-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15095"
},
{
"name": "CVE-2018-16328",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16328"
},
{
"name": "CVE-2024-38949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-5745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5745"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2022-43239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43239"
},
{
"name": "CVE-2022-41409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41409"
},
{
"name": "CVE-2022-32546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32546"
},
{
"name": "CVE-2025-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0838"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2023-5441",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5441"
},
{
"name": "CVE-2025-55553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55553"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2024-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12086"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2021-4219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4219"
},
{
"name": "CVE-2018-15798",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15798"
},
{
"name": "CVE-2025-55154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55154"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3153"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2025-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5197"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2023-39328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2017-11447",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11447"
},
{
"name": "CVE-2019-8323",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8323"
},
{
"name": "CVE-2023-39593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39593"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2025-46569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46569"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2018-14434",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14434"
},
{
"name": "CVE-2019-6293",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6293"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2025-21684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21684"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2021-3468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3468"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2025-46148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46148"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2149"
},
{
"name": "CVE-2021-3502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3502"
},
{
"name": "CVE-2025-6052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
},
{
"name": "CVE-2018-16329",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16329"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2024-43790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43790"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2022-43240",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43240"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2025-5987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5987"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2021-20312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20312"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2953"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2022-28739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28739"
},
{
"name": "CVE-2024-26726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2025-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3933"
},
{
"name": "CVE-2023-26785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26785"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2023-48235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48235"
},
{
"name": "CVE-2024-57970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57970"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2024-44939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44939"
},
{
"name": "CVE-2024-43374",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43374"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2025-21929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21929"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2024-27280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
},
{
"name": "CVE-2025-3000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3000"
},
{
"name": "CVE-2022-3213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3213"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2021-23177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23177"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-38112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
},
{
"name": "CVE-2025-5878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5878"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2024-41957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41957"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-8961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8961"
},
{
"name": "CVE-2025-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21977"
},
{
"name": "CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21674"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-38203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38203"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2022-0909",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0909"
},
{
"name": "CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"name": "CVE-2023-28154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28154"
},
{
"name": "CVE-2023-48231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48231"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2023-38633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38633"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2023-2609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2609"
},
{
"name": "CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2021-46312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46312"
},
{
"name": "CVE-2018-14628",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14628"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2022-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38476"
},
{
"name": "CVE-2019-6461",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6461"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2015-5262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5262"
},
{
"name": "CVE-2022-43244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43244"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2017-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6004"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2015-7696",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7696"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2023-45922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45922"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2025-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21699"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2025-40004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40004"
},
{
"name": "CVE-2017-7619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7619"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21746"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2023-1170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1170"
},
{
"name": "CVE-2022-24070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24070"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2019-17547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17547"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2021-36411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36411"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2018-10919",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10919"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2025-53014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53014"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2018-10804",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10804"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2022-0907",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0907"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2021-3670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3670"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2025-38305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2025-38067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38067"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2019-16776",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16776"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2022-28738",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28738"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2024-8508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8508"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-40364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40364"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"name": "CVE-2013-2064",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2064"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2020-25663",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25663"
},
{
"name": "CVE-2022-0156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0156"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2023-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1355"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2019-13232",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13232"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2025-55560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55560"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2022-1210",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1210"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2023-42670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42670"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2025-59842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59842"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2024-27766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27766"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2023-34153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34153"
},
{
"name": "CVE-2023-3618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3618"
},
{
"name": "CVE-2020-14153",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14153"
},
{
"name": "CVE-2022-1114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1114"
},
{
"name": "CVE-2023-48233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48233"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2011-2207",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2207"
},
{
"name": "CVE-2025-54874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54874"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2025-38293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2018-12600",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12600"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2023-4154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4154"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2022-0714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0714"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2025-9340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9340"
},
{
"name": "CVE-2023-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24758"
},
{
"name": "CVE-2025-55552",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55552"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2016-7531",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7531"
},
{
"name": "CVE-2006-3082",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3082"
},
{
"name": "CVE-2023-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5341"
},
{
"name": "CVE-2025-8534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8534"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3262"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2024-0743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0743"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2016-10062",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10062"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2023-34152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34152"
},
{
"name": "CVE-2022-43249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43249"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2025-21690",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21690"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2022-43242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43242"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2025-38312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2022-21366",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21366"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21982"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21666",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21666"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2025-53859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53859"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2022-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0865"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2025-38319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2022-0529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0529"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2016-7514",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7514"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2025-9092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9092"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2024-54677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54677"
},
{
"name": "CVE-2021-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3598"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2023-1264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1264"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-38298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38298"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2018-1000076",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000076"
},
{
"name": "CVE-2022-4293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4293"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2025-55197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55197"
},
{
"name": "CVE-2022-32743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32743"
},
{
"name": "CVE-2025-55558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55558"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2025-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26603"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2021-32490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32490"
},
{
"name": "CVE-2020-27768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27768"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2016-5118",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5118"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-46045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46045"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2025-55557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55557"
},
{
"name": "CVE-2024-12085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12085"
},
{
"name": "CVE-2022-24599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24599"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-2999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2999"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2021-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35452"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2020-10251",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10251"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2020-18781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18781"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2017-7186",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7186"
},
{
"name": "CVE-2025-38285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38285"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
},
{
"name": "CVE-2025-9640",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9640"
},
{
"name": "CVE-2022-1897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1897"
},
{
"name": "CVE-2022-43248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43248"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2024-58081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2017-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6829"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2021-4214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4214"
},
{
"name": "CVE-2025-21911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21911"
},
{
"name": "CVE-2023-24752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24752"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2022-43245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43245"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2018-9133",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9133"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2021-36410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36410"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2024-12705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12705"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2018-1000074",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000074"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2024-58003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2024-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1013"
},
{
"name": "CVE-2022-0319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0319"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2020-18032",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18032"
},
{
"name": "CVE-2017-6833",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6833"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2019-8324",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8324"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2023-24751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24751"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2021-4048",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4048"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2022-2980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2980"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-32463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32463"
},
{
"name": "CVE-2015-7747",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7747"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2024-41965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41965"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2025-55004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55004"
},
{
"name": "CVE-2014-8139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8139"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2023-51767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51767"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2023-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38037"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2022-2519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2519"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2998"
},
{
"name": "CVE-2023-51792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
},
{
"name": "CVE-2021-20313",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20313"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2019-16777",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16777"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2023-45913",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45913"
},
{
"name": "CVE-2018-13153",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13153"
},
{
"name": "CVE-2022-0530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0530"
},
{
"name": "CVE-2023-48236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48236"
},
{
"name": "CVE-2025-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21947"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2023-34474",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34474"
},
{
"name": "CVE-2025-21665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21665"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2018-1000079",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000079"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2021-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45931"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2021-28544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28544"
},
{
"name": "CVE-2021-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-32728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32728"
},
{
"name": "CVE-2023-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2804"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2018-14437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14437"
},
{
"name": "CVE-2024-13978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13978"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"name": "CVE-2021-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3596"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2024-57883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57883"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2017-6830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6830"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2024-47814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47814"
},
{
"name": "CVE-2022-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2923"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2021-46310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46310"
},
{
"name": "CVE-2022-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2020-14152",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14152"
},
{
"name": "CVE-2025-38324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2021-36976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2025-9390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9390"
},
{
"name": "CVE-2025-62813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62813"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2019-9904",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9904"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2022-42919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42919"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2025-9165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9165"
},
{
"name": "CVE-2023-1981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1981"
},
{
"name": "CVE-2023-30571",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30571"
},
{
"name": "CVE-2022-2231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2231"
},
{
"name": "CVE-2025-46150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46150"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2025-38542",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38542"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2023-28120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28120"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2020-35492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35492"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2023-1289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1289"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2023-6349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6349"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2025-9341",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9341"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2017-7244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7244"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2018-16412",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16412"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2019-6462",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6462"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2021-32493",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32493"
},
{
"name": "CVE-2023-24754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24754"
},
{
"name": "CVE-2020-29509",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29509"
},
{
"name": "CVE-2023-5568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5568"
},
{
"name": "CVE-2023-38470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38470"
},
{
"name": "CVE-2025-21675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21675"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2025-38237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38237"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2024-45993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"name": "CVE-2024-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26146"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-3730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3730"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2021-29921",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29921"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2014-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9636"
},
{
"name": "CVE-2025-5351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5351"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2022-1622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1622"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2022-2521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2521"
},
{
"name": "CVE-2023-49582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49582"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2025-31344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31344"
},
{
"name": "CVE-2025-21976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21976"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-57975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2021-32491",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32491"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22025"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2022-0924",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0924"
},
{
"name": "CVE-2025-24014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24014"
},
{
"name": "CVE-2022-33068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33068"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2025-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7039"
},
{
"name": "CVE-2025-38167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38167"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2021-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2024-38950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2023-47282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47282"
},
{
"name": "CVE-2016-20012",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-20012"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2019-8325",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8325"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-5918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5918"
},
{
"name": "CVE-2019-3792",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3792"
},
{
"name": "CVE-2022-43235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43235"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2024-10524",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10524"
},
{
"name": "CVE-2025-40017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40017"
},
{
"name": "CVE-2023-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45919"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2025-3263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3263"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2018-15607",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15607"
},
{
"name": "CVE-2025-21899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21899"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-40778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40778"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-3001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3001"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2022-32545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32545"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2017-6838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6838"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-41817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41817"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2017-6835",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6835"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2024-12087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12087"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2019-16775",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16775"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-6051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6051"
},
{
"name": "CVE-2022-21283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21283"
},
{
"name": "CVE-2022-31782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31782"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-53069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2022-43253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43253"
},
{
"name": "CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2018-1000075",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000075"
},
{
"name": "CVE-2025-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53019"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-53367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53367"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2021-45942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45942"
},
{
"name": "CVE-2022-1615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1615"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2021-20246",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20246"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2023-24755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24755"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2024-27281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
},
{
"name": "CVE-2025-38467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2017-6837",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6837"
},
{
"name": "CVE-2014-9913",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9913"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2024-37407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37407"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2025-22011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22011"
},
{
"name": "CVE-2022-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
},
{
"name": "CVE-2022-43252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43252"
},
{
"name": "CVE-2023-0614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0614"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2024-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5197"
},
{
"name": "CVE-2020-21606",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21606"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2001-1269",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1269"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2023-47169",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47169"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2025-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2025-21692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21692"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2025-2148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2148"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2025-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2023-38469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38469"
},
{
"name": "CVE-2024-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2014-3577",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3577"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2023-32570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2016-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5841"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2025-53101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53101"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2022-44267",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44267"
},
{
"name": "CVE-2024-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26141"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2019-8321",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8321"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-29768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29768"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2018-13440",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13440"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2025-46393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46393"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2021-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0561"
},
{
"name": "CVE-2018-12599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12599"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2022-1587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1587"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2017-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7246"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2022-0284",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0284"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2025-21903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21903"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2021-32292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2023-1667",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1667"
},
{
"name": "CVE-2022-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2953"
},
{
"name": "CVE-2022-43238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43238"
},
{
"name": "CVE-2025-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3121"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-20696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20696"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-46149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46149"
},
{
"name": "CVE-2021-26945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26945"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2025-46152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46152"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2024-57951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57951"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21885"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2025-21676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21676"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2022-28463",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28463"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2018-3779",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3779"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2024-27407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27407"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2025-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10911"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2021-31566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2022-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1355"
},
{
"name": "CVE-2025-47291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47291"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2022-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1420"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2025-46153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46153"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"name": "CVE-2021-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38115"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2021-31879",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31879"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
},
{
"name": "CVE-2025-22134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22134"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2025-1215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1215"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2021-20309",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20309"
},
{
"name": "CVE-2022-29217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29217"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2023-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38472"
},
{
"name": "CVE-2024-56826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
},
{
"name": "CVE-2017-12643",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12643"
},
{
"name": "CVE-2024-57953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2023-48232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48232"
},
{
"name": "CVE-2021-26720",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26720"
},
{
"name": "CVE-2025-54801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54801"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2023-24756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24756"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2022-2520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2520"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2024-47874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47874"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2025-9403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9403"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2016-4074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4074"
},
{
"name": "CVE-2024-0746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0746"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2023-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45931"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2025-32387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32387"
},
{
"name": "CVE-2024-26775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26775"
},
{
"name": "CVE-2022-25309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25309"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2024-12747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12747"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2023-48234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48234"
},
{
"name": "CVE-2025-55212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55212"
},
{
"name": "CVE-2022-36087",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36087"
},
{
"name": "CVE-2022-32547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32547"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-0351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-26280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26280"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2022-1354",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1354"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2025-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21873"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2019-13147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13147"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2018-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11655"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2022-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2928"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-57803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57803"
},
{
"name": "CVE-2023-46246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46246"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-43802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43802"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2024-56827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2020-29511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29511"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2015-7697",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7697"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2022-43243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43243"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2017-16231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16231"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-5702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5702"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2017-9409",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9409"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2018-1000077",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000077"
},
{
"name": "CVE-2025-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21892"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-21944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21944"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-55554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55554"
},
{
"name": "CVE-2024-43168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43168"
},
{
"name": "CVE-2014-8140",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8140"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2021-45346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45346"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-21667",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21667"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2024-46901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46901"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2025-21955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21955"
},
{
"name": "CVE-2025-8677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8677"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2025-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
},
{
"name": "CVE-2025-38218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2024-43167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43167"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2018-1000035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000035"
},
{
"name": "CVE-2021-40211",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40211"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2024-26256",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26256"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2023-2283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2283"
},
{
"name": "CVE-2020-0499",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0499"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3136"
},
{
"name": "CVE-2025-55160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55160"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2022-48703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48703"
},
{
"name": "CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"name": "CVE-2022-1674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1674"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2022-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30699"
},
{
"name": "CVE-2025-21672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21672"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
},
{
"name": "CVE-2022-48281",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48281"
},
{
"name": "CVE-2023-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2426"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2024-57949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57949"
},
{
"name": "CVE-2025-1632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1632"
},
{
"name": "CVE-2021-20176",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20176"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2022-3278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3278"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2025-55298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55298"
},
{
"name": "CVE-2022-43241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43241"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2018-1000073",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000073"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2023-22656",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22656"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-43965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43965"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2021-36408",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36408"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
},
{
"name": "CVE-2023-39327",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39327"
},
{
"name": "CVE-2017-18253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18253"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-38462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2018-13410",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13410"
},
{
"name": "CVE-2025-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2099"
},
{
"name": "CVE-2025-38262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
},
{
"name": "CVE-2025-6638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6638"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2025-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
},
{
"name": "CVE-2021-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3610"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2024-12088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12088"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-38310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2022-43250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43250"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2023-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38473"
},
{
"name": "CVE-2025-38443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2023-43887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43887"
},
{
"name": "CVE-2025-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21967"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2025-41254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41254"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
},
{
"name": "CVE-2022-2598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2598"
},
{
"name": "CVE-2020-27829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27829"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-53053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
},
{
"name": "CVE-2022-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2025-54388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54388"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2017-6839",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6839"
},
{
"name": "CVE-2023-1906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1906"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2023-47471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47471"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2022-1771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1771"
},
{
"name": "CVE-2025-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21945"
},
{
"name": "CVE-2021-32492",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32492"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2025-55005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55005"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2022-1586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1586"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-40015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40015"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2018-16645",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16645"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-40007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40007"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-38273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38273"
},
{
"name": "CVE-2025-38346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2018-11813",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11813"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2022-2719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2719"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2022-45873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
},
{
"name": "CVE-2023-34151",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34151"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2021-43809",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43809"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2015-1606",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1606"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2023-3896",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3896"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2020-21599",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21599"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2023-39978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39978"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2025-38320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2025-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8177"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2021-20311",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20311"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2021-20241",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20241"
},
{
"name": "CVE-2017-12674",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12674"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2025-62171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62171"
},
{
"name": "CVE-2025-38280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38280"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2018-1000078",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000078"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2025-50950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50950"
},
{
"name": "CVE-2020-21605",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21605"
},
{
"name": "CVE-2024-54534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54534"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2017-1000476",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000476"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2025-6921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6921"
},
{
"name": "CVE-2015-8863",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8863"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2018-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11656"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2021-25217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
},
{
"name": "CVE-2025-38514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
},
{
"name": "CVE-2018-19876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19876"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2021-20310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20310"
},
{
"name": "CVE-2021-20245",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20245"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-38569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38569"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2023-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22796"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2025-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38204"
},
{
"name": "CVE-2021-40812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40812"
},
{
"name": "CVE-2021-4217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4217"
},
{
"name": "CVE-2023-32643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2018-9135",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9135"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2024-52316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2021-39212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39212"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21680"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2017-12433",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12433"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2021-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3574"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-25858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2017-6836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6836"
},
{
"name": "CVE-2021-3500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3500"
},
{
"name": "CVE-2022-25310",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25310"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2021-20251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20251"
},
{
"name": "CVE-2025-21669",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21669"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2021-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33621"
},
{
"name": "CVE-2025-57807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57807"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3777"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2018-18384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18384"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
},
{
"name": "CVE-2025-31498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31498"
},
{
"name": "CVE-2022-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30698"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2021-20244",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20244"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2025-11411",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11411"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2016-9844",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9844"
},
{
"name": "CVE-2019-13136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13136"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2021-3941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3941"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2025-11-06T00:00:00",
"last_revision_date": "2025-11-06T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0969",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36320",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36320"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36423",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36423"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36364"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36351"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36424",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36424"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36412",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36412"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36388",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36388"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36426",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36426"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36411",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36411"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36357",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36357"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36408",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36408"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36349",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36349"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36414",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36414"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36397",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36397"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36389",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36389"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36398",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36398"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36380",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36380"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36407"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36362",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36362"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36413",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36413"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36384",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36384"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36379",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36379"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36400",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36400"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36377",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36377"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36368",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36368"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36418",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36418"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36420",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36420"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36391",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36391"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36392",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36392"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36353",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36353"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-14",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36356"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36422",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36422"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36381",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36381"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36421",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36421"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36416",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36416"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-86",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36415"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36403",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36403"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36347",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36347"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36383",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36383"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36410",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36410"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36352",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36352"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36394",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36394"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36354",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36354"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36399",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36399"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36350"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36419",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36419"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-85",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36401"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36365"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36405",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36405"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36367"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36395",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36395"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36387",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36387"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36363",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36363"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36385",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36385"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36409",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36409"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36359"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36348",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36348"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36386",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36386"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36417",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36417"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36425",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36425"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36366"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36360"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36355",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36355"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36358"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36396",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36396"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36378",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36378"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36382",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36382"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36404",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36404"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36361"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36402",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36402"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36393",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36393"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36406",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36406"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36390",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36390"
}
]
}
CERTFR-2025-AVI-1013
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | AIX | AIX versions 7.2.5 sans le correctif de sécurité IJ55968 SP11 | ||
| IBM | Sterling | Sterling Transformation Extender versions 11.0.2.0 sans le correctif de sécurité PH68819 | ||
| IBM | QRadar | QRadar Network Packet Capture versions 7.5.x antérieures à QRadar Network Packet Capture 7.5.0 Update Package 14 | ||
| IBM | AIX | AIX versions 7.3.2 sans le correctif de sécurité IJ56113 | ||
| IBM | Sterling | Sterling Transformation Extender versions 11.0.1.1 sans le correctif de sécurité PH68819 | ||
| IBM | Sterling | Sterling Transformation Extender versions 11.0.0.0 sans le correctif de sécurité PH68266 | ||
| IBM | WebSphere | WebSphere Application Server versions 9.0.x sans le correctif de sécurité 9.0.5.27 | ||
| IBM | Sterling | Sterling Transformation Extender versions 10.1.1.1 sans le correctif de sécurité PH68266 | ||
| IBM | Db2 | Db2 versions 11.5.x sans le dernier correctif de sécurité | ||
| IBM | Tivoli | Tivoli Application Dependency Discovery Manager versions 7.3.x à 7.3.0.12 sans le correctif de sécurité efix_CVE-2025-48976_FP12250331.zip | ||
| IBM | N/A | QRadar DNS Analyzer App versions antérieures à 2.0.4 | ||
| IBM | Db2 | Db2 versions 12.1.x antérieures à 12.1.3 sans le dernier correctif de sécurité | ||
| IBM | WebSphere | WebSphere Application Server Liberty versions 17.0.0.3 à 25.0.0.11 sans le correctif de sécurité 25.0.0.12 | ||
| IBM | WebSphere | WebSphere Application Server versions 8.5.x sans le correctif de sécurité 8.5.5.29 | ||
| IBM | AIX | AIX versions 7.3.1 sans le correctif de sécurité IJ56230 | ||
| IBM | Cognos Analytics | Cognos Analytics Certified Containers versions 1.2.1.x antérieures à 12.1.1 | ||
| IBM | Sterling | Sterling Transformation Extender versions 10.1.2.1 sans le correctif de sécurité PH68266 | ||
| IBM | Db2 | Db2 versions 11.1.x sans le dernier correctif de sécurité | ||
| IBM | Sterling | Sterling Transformation Extender versions 10.1.0.2 sans le correctif de sécurité PH68266 | ||
| IBM | AIX | AIX versions 7.3.3 sans le correctif de sécurité IJ55897 SP2 | ||
| IBM | Storage Protect | Storage Protect Operations Center versions 8.1.x antérieures à 8.1.27.100 | ||
| IBM | QRadar SIEM | QRadar SIEM versions 7.5 à 7.5.0 IP14 sans les correctif de sécurité QRadar 7.5.0 UP14 IF01 et 7.5.0 QRadar Protocol MicrosoftAzureEventHubs |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "AIX versions 7.2.5 sans le correctif de s\u00e9curit\u00e9 IJ55968 SP11",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Transformation Extender versions 11.0.2.0 sans le correctif de s\u00e9curit\u00e9 PH68819",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Network Packet Capture versions 7.5.x ant\u00e9rieures \u00e0 QRadar Network Packet Capture 7.5.0 Update Package 14",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "AIX versions 7.3.2 sans le correctif de s\u00e9curit\u00e9 IJ56113",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Transformation Extender versions 11.0.1.1 sans le correctif de s\u00e9curit\u00e9 PH68819",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Transformation Extender versions 11.0.0.0 sans le correctif de s\u00e9curit\u00e9 PH68266",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server versions 9.0.x sans le correctif de s\u00e9curit\u00e9 9.0.5.27",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Transformation Extender versions 10.1.1.1 sans le correctif de s\u00e9curit\u00e9 PH68266",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 versions 11.5.x sans le dernier correctif de s\u00e9curit\u00e9 ",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Tivoli Application Dependency Discovery Manager versions 7.3.x \u00e0 7.3.0.12 sans le correctif de s\u00e9curit\u00e9 efix_CVE-2025-48976_FP12250331.zip",
"product": {
"name": "Tivoli",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar DNS Analyzer App versions ant\u00e9rieures \u00e0 2.0.4",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 versions 12.1.x ant\u00e9rieures \u00e0 12.1.3 sans le dernier correctif de s\u00e9curit\u00e9 ",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server Liberty versions 17.0.0.3 \u00e0 25.0.0.11 sans le correctif de s\u00e9curit\u00e9 25.0.0.12",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server versions 8.5.x sans le correctif de s\u00e9curit\u00e9 8.5.5.29",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "AIX versions 7.3.1 sans le correctif de s\u00e9curit\u00e9 IJ56230",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics Certified Containers versions 1.2.1.x ant\u00e9rieures \u00e0 12.1.1",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Transformation Extender versions 10.1.2.1 sans le correctif de s\u00e9curit\u00e9 PH68266",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 versions 11.1.x sans le dernier correctif de s\u00e9curit\u00e9 ",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Transformation Extender versions 10.1.0.2 sans le correctif de s\u00e9curit\u00e9 PH68266",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "AIX versions 7.3.3 sans le correctif de s\u00e9curit\u00e9 IJ55897 SP2",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Storage Protect Operations Center versions 8.1.x ant\u00e9rieures \u00e0 8.1.27.100",
"product": {
"name": "Storage Protect",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5 \u00e0 7.5.0 IP14 sans les correctif de s\u00e9curit\u00e9 QRadar 7.5.0 UP14 IF01 et 7.5.0 QRadar Protocol MicrosoftAzureEventHubs ",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2025-22026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22026"
},
{
"name": "CVE-2024-1597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1597"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2025-36236",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36236"
},
{
"name": "CVE-2025-49812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49812"
},
{
"name": "CVE-2025-39757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39757"
},
{
"name": "CVE-2023-46308",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46308"
},
{
"name": "CVE-2024-49350",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49350"
},
{
"name": "CVE-2025-36251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36251"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2025-36250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36250"
},
{
"name": "CVE-2024-35255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35255"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-38527",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38527"
},
{
"name": "CVE-2025-38449",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38449"
},
{
"name": "CVE-2022-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41946"
},
{
"name": "CVE-2025-39730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39730"
},
{
"name": "CVE-2025-1992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1992"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-36097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36097"
},
{
"name": "CVE-2020-16971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16971"
},
{
"name": "CVE-2022-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-36186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36186"
},
{
"name": "CVE-2024-56347",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56347"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2023-53125",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53125"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-2518",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2518"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2022-49985",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49985"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-1493",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1493"
},
{
"name": "CVE-2025-38556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38556"
},
{
"name": "CVE-2023-26133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26133"
},
{
"name": "CVE-2024-47252",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47252"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2025-36096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36096"
},
{
"name": "CVE-2025-3050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3050"
},
{
"name": "CVE-2025-38718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38718"
},
{
"name": "CVE-2025-38392",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38392"
},
{
"name": "CVE-2023-53373",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53373"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2025-0915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0915"
},
{
"name": "CVE-2024-52903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52903"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2024-56346",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56346"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-1000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1000"
},
{
"name": "CVE-2022-31197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31197"
},
{
"name": "CVE-2025-40928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40928"
},
{
"name": "CVE-2022-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50087"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2025-49630",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49630"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2025-33150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33150"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2024-57699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57699"
},
{
"name": "CVE-2024-47619",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47619"
}
],
"initial_release_date": "2025-11-14T00:00:00",
"last_revision_date": "2025-11-14T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1013",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Injection SQL (SQLi)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7250959",
"url": "https://www.ibm.com/support/pages/node/7250959"
},
{
"published_at": "2025-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7249983",
"url": "https://www.ibm.com/support/pages/node/7249983"
},
{
"published_at": "2025-11-11",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7250785",
"url": "https://www.ibm.com/support/pages/node/7250785"
},
{
"published_at": "2025-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7249992",
"url": "https://www.ibm.com/support/pages/node/7249992"
},
{
"published_at": "2025-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7249994",
"url": "https://www.ibm.com/support/pages/node/7249994"
},
{
"published_at": "2025-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7250921",
"url": "https://www.ibm.com/support/pages/node/7250921"
},
{
"published_at": "2025-11-07",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7250486",
"url": "https://www.ibm.com/support/pages/node/7250486"
},
{
"published_at": "2025-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7250907",
"url": "https://www.ibm.com/support/pages/node/7250907"
},
{
"published_at": "2025-11-07",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7250395",
"url": "https://www.ibm.com/support/pages/node/7250395"
},
{
"published_at": "2025-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7250956",
"url": "https://www.ibm.com/support/pages/node/7250956"
},
{
"published_at": "2025-11-10",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7250763",
"url": "https://www.ibm.com/support/pages/node/7250763"
},
{
"published_at": "2025-11-07",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7250474",
"url": "https://www.ibm.com/support/pages/node/7250474"
},
{
"published_at": "2025-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7250971",
"url": "https://www.ibm.com/support/pages/node/7250971"
},
{
"published_at": "2025-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7250926",
"url": "https://www.ibm.com/support/pages/node/7250926"
},
{
"published_at": "2025-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7251173",
"url": "https://www.ibm.com/support/pages/node/7251173"
}
]
}
fkie_cve-2025-55752
Vulnerability from fkie_nvd
Published
2025-10-27 18:15
Modified
2025-11-14 17:44
Severity ?
Summary
Relative Path Traversal vulnerability in Apache Tomcat.
The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108.
The following versions were EOL at the time the CVE was created but are
known to be affected: 8.5.6 though 8.5.100. Other, older, EOL versions may also be affected.
Users are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue.
References
| URL | Tags | ||
|---|---|---|---|
| security@apache.org | https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/10/27/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vicarius.io/vsociety/posts/cve-2025-55752-detect-apache-tomcat-vulnerability | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vicarius.io/vsociety/posts/cve-2025-55752-mitigate-apache-tomcat-vulnerability | Mitigation, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | tomcat | * | |
| apache | tomcat | * | |
| apache | tomcat | * | |
| apache | tomcat | * | |
| apache | tomcat | * | |
| apache | tomcat | 9.0.0 | |
| apache | tomcat | 9.0.0 | |
| apache | tomcat | 9.0.0 | |
| apache | tomcat | 9.0.0 | |
| apache | tomcat | 9.0.0 | |
| apache | tomcat | 9.0.0 | |
| apache | tomcat | 9.0.0 | |
| apache | tomcat | 9.0.0 | |
| apache | tomcat | 9.0.0 | |
| apache | tomcat | 9.0.0 | |
| apache | tomcat | 9.0.0 | |
| apache | tomcat | 9.0.0 | |
| apache | tomcat | 9.0.0 | |
| apache | tomcat | 9.0.0 | |
| apache | tomcat | 9.0.0 | |
| apache | tomcat | 9.0.0 | |
| apache | tomcat | 9.0.0 | |
| apache | tomcat | 9.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE87467F-4329-41D6-B68F-EBF2881F7B70",
"versionEndIncluding": "8.5.100",
"versionStartIncluding": "8.5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A5E503E-C3EC-4094-98E8-2CD3256D027E",
"versionEndExcluding": "9.0.109",
"versionStartIncluding": "9.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B30CA0D9-834D-4044-B03B-7E6E60A4B0E6",
"versionEndExcluding": "10.0.27",
"versionStartIncluding": "10.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27F4F718-AE8D-417A-BEE4-780FD77625D2",
"versionEndExcluding": "10.1.45",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2A3FE1-BC50-419D-AEFA-097C58A3F243",
"versionEndExcluding": "11.0.11",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "67BBBD83-E232-4198-9748-C512D9E0EEDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*",
"matchCriteriaId": "8B6787B6-54A8-475E-BA1C-AB99334B2535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*",
"matchCriteriaId": "EABB6FBC-7486-44D5-A6AD-FFF1D3F677E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*",
"matchCriteriaId": "E10C03BC-EE6B-45B2-83AE-9E8DFB58D7DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*",
"matchCriteriaId": "8A6DA0BE-908C-4DA8-A191-A0113235E99A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*",
"matchCriteriaId": "39029C72-28B4-46A4-BFF5-EC822CFB2A4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*",
"matchCriteriaId": "1A2E05A3-014F-4C4D-81E5-88E725FBD6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*",
"matchCriteriaId": "166C533C-0833-41D5-99B6-17A4FAB3CAF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*",
"matchCriteriaId": "D3768C60-21FA-4B92-B98C-C3A2602D1BC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone19:*:*:*:*:*:*",
"matchCriteriaId": "DDD510FA-A2E4-4BAF-A0DE-F4E5777E9325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone20:*:*:*:*:*:*",
"matchCriteriaId": "C2409CC7-6A85-4A66-A457-0D62B9895DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone21:*:*:*:*:*:*",
"matchCriteriaId": "B392A7E5-4455-4B1C-8FAC-AE6DDC70689E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone22:*:*:*:*:*:*",
"matchCriteriaId": "EF411DDA-2601-449A-9046-D250419A0E1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone23:*:*:*:*:*:*",
"matchCriteriaId": "D7D8F2F4-AFE2-47EA-A3FD-79B54324DE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone24:*:*:*:*:*:*",
"matchCriteriaId": "1B4FBF97-DE16-4E5E-BE19-471E01818D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone25:*:*:*:*:*:*",
"matchCriteriaId": "3B266B1E-24B5-47EE-A421-E0E3CC0C7471",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone26:*:*:*:*:*:*",
"matchCriteriaId": "29614C3A-6FB3-41C7-B56E-9CC3F45B04F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone27:*:*:*:*:*:*",
"matchCriteriaId": "C6AB156C-8FF6-4727-AF75-590D0DCB3F9D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Relative Path Traversal vulnerability in Apache Tomcat.\n\nThe fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the request URI to bypass security constraints including the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the URI.\n\n\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from 9.0.0.M11 through 9.0.108.\n\nThe following versions were EOL at the time the CVE was created but are \nknown to be affected: 8.5.6 though 8.5.100. Other, older, EOL versions may also be affected.\nUsers are recommended to upgrade to version 11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue."
}
],
"id": "CVE-2025-55752",
"lastModified": "2025-11-14T17:44:41.047",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-10-27T18:15:42.283",
"references": [
{
"source": "security@apache.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2025/10/27/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.vicarius.io/vsociety/posts/cve-2025-55752-detect-apache-tomcat-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.vicarius.io/vsociety/posts/cve-2025-55752-mitigate-apache-tomcat-vulnerability"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-23"
}
],
"source": "security@apache.org",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…