suse-su-2025:02261-1
Vulnerability from csaf_suse
Published
2025-07-09 17:40
Modified
2025-07-09 17:40
Summary
Security update for tomcat10

Notes

Title of the patch
Security update for tomcat10
Description of the patch
This update for tomcat10 fixes the following issues: - Fixed refactor CGI servlet to access resources via WebResources (bsc#1243815). - Fixed limits the total number of parts in a multi-part request and limits the size of the headers provided with each part (bsc#1244656). - Fixed expand checks for webAppMount (bsc#1244649). - Hardening permissions (bsc#1242722) Update to Tomcat 10.1.42: * Fixed CVEs: + CVE-2025-46701: refactor CGI servlet to access resources via WebResources (bsc#1243815) + CVE-2025-48988: limits the total number of parts in a multi-part request and limits the size of the headers provided with each part (bsc#1244656) + CVE-2025-49125: Expand checks for webAppMount (bsc#1244649) * Catalina: + Add: Support for the java:module namespace which mirrors the java:comp namespace. + Add: Support parsing of multiple path parameters separated by ; in a single URL segment. Based on pull request #860 by Chenjp. + Add: Support for limiting the number of parameters in HTTP requests through the new ParameterLimitValve. The valve allows configurable URL-specific limits on the number of parameters. + Fix: 69699: Encode redirect URL used by the rewrite valve with the session id if appropriate, and handle cross context with different session configuration when using rewrite. + Add: #863: Support for comments at the end of lines in text rewrite map files to align behaviour with Apache httpd. Pull request provided by Chenjp. + Fix: 69706: Saved request serialization issue in FORM introduced when allowing infinite session timeouts. + Fix: Expand the path checks for Pre-Resources and Post-Resources mounted at a path within the web application. + Fix: Use of SSS in SimpleDateFormat pattern for AccessLogValve. + Fix: Process possible path parameters rewrite production in the rewrite valve. + Fix: 69588: Enable allowLinking to be set on PreResources, JarResources and PostResources. If not set explicitly, the setting will be inherited from the Resources. + Add: 69633: Support for Filters using context root mappings. + Fix: 69643: Optimize directory listing for large amount of files. Patch submitted by Loic de l'Eprevier. + Fix: #843: Off by one validation logic for partial PUT ranges and associated test case. Submitted by Chenjp. + Refactor: Replace the unused buffer in org.apache.catalina.connector.InputBuffer with a static, zero length buffer. + Refactor: GCI servlet to access resources via the WebResource API. + Fix: 69662: Report name in exception message when a naming lookup failure occurs. Based on code submitted by Donald Smith. + Fix: Ensure that the FORM authentication attribute authenticationSessionTimeout works correctly when sessions have an infinite timeout when authentication starts. + Add: Provide a content type based on file extension when web application resources are accessed via a URL. * Coyote + Refactor: #861: TaskQueue to use the new interface RetryableQueue which enables better integration of custom Executors which provide their own BlockingQueue implementation. Pull request provided by Paulo Almeida. + Add: Finer grained control of multi-part request processing via two new attributes on the Connector element. maxPartCount limits the total number of parts in a multi-part request and maxPartHeaderSize limits the size of the headers provided with each part. Add support for these new attributes to the ParameterLimitValve. + Refactor: The SavedRequestInputFilter so the buffered data is used directly rather than copied. * Jasper: + Fix: 69696: Mark the JSP wrapper for reload after a failed compilation. + Fix: 69635: Add support to jakarta.el.ImportHandler for resolving inner classes. + Add: #842: Support for optimized execution of c:set and c:remove tags, when activated via JSP servlet param useNonstandardTagOptimizations. + Fix: An edge case compilation bug for JSP and tag files on case insensitive file systems that was exposed by the test case for 69635. * Web applications: + Fix: 69694: Improve error reporting of deployment tasks done using the manager webapp when a copy operation fails. + Add: 68876: Documentation. Update the UML diagrams for server start-up, request processing and authentication using PlantUML and include the source files for each diagram. * Other: + Add: Thread name to webappClassLoader.stackTraceRequestThread message. Patch provided by Felix Zhang. + Update: Tomcat Native to 2.0.9. + Update: The internal fork of Apache Commons FileUpload to 1.6.0-RC1 (2025-06-05). + Update: EasyMock to 5.6.0. + Update: Checkstyle to 10.25.0. + Fix: Use the full path when the installer for Windows sets calls icacls.exe to set file permissions. + Update: Improvements to Japanese translations provided by tak7iji. + Fix: Set sun.io.useCanonCaches in service.bat Based on pull request #841 by Paul Lodge. + Update: Jacoco to 0.8.13. + Code: Explicitly set the locale to be used for Javadoc. For official releases, this locale will be English (US) to support reproducible builds. + Update: Byte Buddy to 1.17.5. + Update: Checkstyle to 10.23.1. + Update: File extension to media type mappings to align with the current list used by the Apache Web Server (httpd). + Update: Improvements to French translations. + Update: Improvements to Japanese translations provided by tak7iji.
Patchnames
SUSE-2025-2261,SUSE-SLE-Module-Web-Scripting-15-SP6-2025-2261,SUSE-SLE-Module-Web-Scripting-15-SP7-2025-2261,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2261,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2261,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2261,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2261,openSUSE-SLE-15.6-2025-2261
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for tomcat10",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for tomcat10 fixes the following issues:\n\n- Fixed refactor CGI servlet to access resources via WebResources (bsc#1243815).\n- Fixed limits the total number of parts in a multi-part request and \n  limits the size of the headers provided with each part (bsc#1244656).\n- Fixed expand checks for webAppMount (bsc#1244649).\n- Hardening permissions (bsc#1242722)\n\nUpdate to Tomcat 10.1.42:\n\n  * Fixed CVEs:\n\n    + CVE-2025-46701: refactor CGI servlet to access resources via\n      WebResources (bsc#1243815)\n    + CVE-2025-48988: limits the total number of parts in a\n      multi-part request and limits the size of\n      the headers provided with each part (bsc#1244656)\n    + CVE-2025-49125: Expand checks for webAppMount (bsc#1244649)\n\n  * Catalina:\n\n    + Add: Support for the java:module namespace which mirrors the\n      java:comp namespace.\n    + Add: Support parsing of multiple path parameters separated by ; in a\n      single URL segment. Based on pull request #860 by Chenjp.\n    + Add: Support for limiting the number of parameters in HTTP requests\n      through the new ParameterLimitValve. The valve allows configurable\n      URL-specific limits on the number of parameters.\n    + Fix: 69699: Encode redirect URL used by the rewrite valve with the\n      session id if appropriate, and handle cross context with different\n      session configuration when using rewrite.\n    + Add: #863: Support for comments at the end of lines in text rewrite\n      map files to align behaviour with Apache httpd. Pull request\n      provided by Chenjp.\n    + Fix: 69706: Saved request serialization issue in FORM introduced\n      when allowing infinite session timeouts.\n    + Fix: Expand the path checks for Pre-Resources and Post-Resources\n      mounted at a path within the web application.\n    + Fix: Use of SSS in SimpleDateFormat pattern for AccessLogValve.\n    + Fix: Process possible path parameters rewrite production in the\n      rewrite valve.\n    + Fix: 69588: Enable allowLinking to be set on PreResources,\n      JarResources and PostResources. If not set explicitly, the setting\n      will be inherited from the Resources.\n    + Add: 69633: Support for Filters using context root mappings.\n    + Fix: 69643: Optimize directory listing for large amount of files.\n      Patch submitted by Loic de l\u0027Eprevier.\n    + Fix: #843: Off by one validation logic for partial PUT ranges and\n      associated test case. Submitted by Chenjp.\n    + Refactor: Replace the unused buffer in\n      org.apache.catalina.connector.InputBuffer with a static, zero\n      length buffer.\n    + Refactor: GCI servlet to access resources via the WebResource API.\n    + Fix: 69662: Report name in exception message when a naming lookup\n      failure occurs. Based on code submitted by Donald Smith.\n    + Fix: Ensure that the FORM authentication attribute\n      authenticationSessionTimeout works correctly when sessions have an\n      infinite timeout when authentication starts.\n    + Add: Provide a content type based on file extension when web\n      application resources are accessed via a URL.\n  * Coyote\n    + Refactor: #861: TaskQueue to use the new interface RetryableQueue\n      which enables better integration of custom Executors which provide\n      their own BlockingQueue implementation. Pull request provided by\n      Paulo Almeida.\n    + Add: Finer grained control of multi-part request processing via two\n      new attributes on the Connector element. maxPartCount limits the\n      total number of parts in a multi-part request and maxPartHeaderSize\n      limits the size of the headers provided with each part. Add support\n      for these new attributes to the ParameterLimitValve.\n    + Refactor: The SavedRequestInputFilter so the buffered data is used\n      directly rather than copied.\n\n  * Jasper:\n\n    + Fix: 69696: Mark the JSP wrapper for reload after a failed\n      compilation.\n    + Fix: 69635: Add support to jakarta.el.ImportHandler for resolving\n      inner classes.\n    + Add: #842: Support for optimized execution of c:set and c:remove\n      tags, when activated via JSP servlet param\n      useNonstandardTagOptimizations.\n    + Fix: An edge case compilation bug for JSP and tag files on case\n      insensitive file systems that was exposed by the test case for\n      69635.\n\n  * Web applications:\n\n    + Fix: 69694: Improve error reporting of deployment tasks done using\n      the manager webapp when a copy operation fails.\n    + Add: 68876: Documentation. Update the UML diagrams for server\n      start-up, request processing and authentication using PlantUML and\n      include the source files for each diagram.\n\n  * Other:\n\n    + Add: Thread name to webappClassLoader.stackTraceRequestThread\n      message. Patch provided by Felix Zhang.\n    + Update: Tomcat Native to 2.0.9.\n    + Update: The internal fork of Apache Commons FileUpload to 1.6.0-RC1\n      (2025-06-05).\n    + Update: EasyMock to 5.6.0.\n    + Update: Checkstyle to 10.25.0.\n    + Fix: Use the full path when the installer for Windows sets calls\n      icacls.exe to set file permissions.\n    + Update: Improvements to Japanese translations provided by tak7iji.\n    + Fix: Set sun.io.useCanonCaches in service.bat Based on pull request\n      #841 by Paul Lodge.\n    + Update: Jacoco to 0.8.13.\n    + Code: Explicitly set the locale to be used for Javadoc. For\n      official releases, this locale will be English (US) to support\n      reproducible builds.\n    + Update: Byte Buddy to 1.17.5.\n    + Update: Checkstyle to 10.23.1.\n    + Update: File extension to media type mappings to align with the\n      current list used by the Apache Web Server (httpd).\n    + Update: Improvements to French translations.\n    + Update: Improvements to Japanese translations provided by tak7iji. \n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2025-2261,SUSE-SLE-Module-Web-Scripting-15-SP6-2025-2261,SUSE-SLE-Module-Web-Scripting-15-SP7-2025-2261,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2261,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2261,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2261,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2261,openSUSE-SLE-15.6-2025-2261",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02261-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:02261-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502261-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:02261-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040657.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1242722",
        "url": "https://bugzilla.suse.com/1242722"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1243815",
        "url": "https://bugzilla.suse.com/1243815"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1244649",
        "url": "https://bugzilla.suse.com/1244649"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1244656",
        "url": "https://bugzilla.suse.com/1244656"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-46701 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-46701/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-48988 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-48988/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-49125 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-49125/"
      }
    ],
    "title": "Security update for tomcat10",
    "tracking": {
      "current_release_date": "2025-07-09T17:40:32Z",
      "generator": {
        "date": "2025-07-09T17:40:32Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:02261-1",
      "initial_release_date": "2025-07-09T17:40:32Z",
      "revision_history": [
        {
          "date": "2025-07-09T17:40:32Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat10-10.1.42-150200.5.45.1.noarch",
                "product": {
                  "name": "tomcat10-10.1.42-150200.5.45.1.noarch",
                  "product_id": "tomcat10-10.1.42-150200.5.45.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
                "product": {
                  "name": "tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
                  "product_id": "tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-doc-10.1.42-150200.5.45.1.noarch",
                "product": {
                  "name": "tomcat10-doc-10.1.42-150200.5.45.1.noarch",
                  "product_id": "tomcat10-doc-10.1.42-150200.5.45.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-docs-webapp-10.1.42-150200.5.45.1.noarch",
                "product": {
                  "name": "tomcat10-docs-webapp-10.1.42-150200.5.45.1.noarch",
                  "product_id": "tomcat10-docs-webapp-10.1.42-150200.5.45.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
                "product": {
                  "name": "tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
                  "product_id": "tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-embed-10.1.42-150200.5.45.1.noarch",
                "product": {
                  "name": "tomcat10-embed-10.1.42-150200.5.45.1.noarch",
                  "product_id": "tomcat10-embed-10.1.42-150200.5.45.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
                "product": {
                  "name": "tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
                  "product_id": "tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-jsvc-10.1.42-150200.5.45.1.noarch",
                "product": {
                  "name": "tomcat10-jsvc-10.1.42-150200.5.45.1.noarch",
                  "product_id": "tomcat10-jsvc-10.1.42-150200.5.45.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-lib-10.1.42-150200.5.45.1.noarch",
                "product": {
                  "name": "tomcat10-lib-10.1.42-150200.5.45.1.noarch",
                  "product_id": "tomcat10-lib-10.1.42-150200.5.45.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
                "product": {
                  "name": "tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
                  "product_id": "tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
                "product": {
                  "name": "tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
                  "product_id": "tomcat10-webapps-10.1.42-150200.5.45.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
                  "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-web-scripting:15:sp6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
                  "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-web-scripting:15:sp7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.6",
                "product": {
                  "name": "openSUSE Leap 15.6",
                  "product_id": "openSUSE Leap 15.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-lib-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-lib-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-webapps-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-lib-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-lib-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-webapps-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-lib-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-lib-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-webapps-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-lib-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-lib-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-webapps-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-lib-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-lib-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-webapps-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-lib-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-lib-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-webapps-10.1.42-150200.5.45.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-10.1.42-150200.5.45.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:tomcat10-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-doc-10.1.42-150200.5.45.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:tomcat10-doc-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-doc-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-docs-webapp-10.1.42-150200.5.45.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-docs-webapp-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-embed-10.1.42-150200.5.45.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:tomcat10-embed-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-embed-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-jsvc-10.1.42-150200.5.45.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:tomcat10-jsvc-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-jsvc-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-lib-10.1.42-150200.5.45.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:tomcat10-lib-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-lib-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-webapps-10.1.42-150200.5.45.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch"
        },
        "product_reference": "tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-46701",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-46701"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Improper Handling of Case Sensitivity vulnerability in Apache Tomcat\u0027s GCI servlet allows security constraint bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.6, from 10.1.0-M1 through 10.1.40, from 9.0.0.M1 through 9.0.104.\n\nUsers are recommended to upgrade to version 11.0.7, 10.1.41 or 9.0.105, which fixes the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-doc-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-embed-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-jsvc-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-46701",
          "url": "https://www.suse.com/security/cve/CVE-2025-46701"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1243815 for CVE-2025-46701",
          "url": "https://bugzilla.suse.com/1243815"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-doc-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-embed-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-jsvc-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-doc-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-embed-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-jsvc-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-07-09T17:40:32Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-46701"
    },
    {
      "cve": "CVE-2025-48988",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-48988"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105.\n\nUsers are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-doc-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-embed-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-jsvc-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-48988",
          "url": "https://www.suse.com/security/cve/CVE-2025-48988"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1244656 for CVE-2025-48988",
          "url": "https://bugzilla.suse.com/1244656"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-doc-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-embed-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-jsvc-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-doc-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-embed-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-jsvc-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-07-09T17:40:32Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-48988"
    },
    {
      "cve": "CVE-2025-49125",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-49125"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat.   When using PreResources or PostResources mounted other than at the root of the web application, it was possible to access those resources via an unexpected path. That path was likely not to be protected by the same security constraints as the expected path, allowing those security constraints to be bypassed.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105.\n\nUsers are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-doc-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-embed-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-jsvc-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
          "openSUSE Leap 15.6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-49125",
          "url": "https://www.suse.com/security/cve/CVE-2025-49125"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1244649 for CVE-2025-49125",
          "url": "https://bugzilla.suse.com/1244649"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-doc-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-embed-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-jsvc-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP7:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server 15 SP5-LTSS:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP5:tomcat10-webapps-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-admin-webapps-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-doc-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-docs-webapp-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-el-5_0-api-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-embed-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-jsp-3_1-api-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-jsvc-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-lib-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-servlet-6_0-api-10.1.42-150200.5.45.1.noarch",
            "openSUSE Leap 15.6:tomcat10-webapps-10.1.42-150200.5.45.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-07-09T17:40:32Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-49125"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.


Loading…