{"vulnerability": "CVE-2025-31651", "sightings": [{"uuid": "38372425-3bec-492e-81ba-49eb867776ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114417316809865035", "content": "", "creation_timestamp": "2025-04-28T19:48:23.109208Z"}, {"uuid": "8ed9f8bd-80ef-46f6-a23f-512af37c9c86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lnvl3vhqjc24", "content": "", "creation_timestamp": "2025-04-28T20:09:42.954853Z"}, {"uuid": "faef4434-715c-45de-8ad4-736dd95b68ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lnvz4ow7zc2o", "content": "", "creation_timestamp": "2025-04-29T00:20:47.212970Z"}, {"uuid": "efaa0760-b16b-45c8-ad96-1f4812c2afdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q2/101", "content": "", "creation_timestamp": "2025-04-28T17:45:13.000000Z"}, {"uuid": "aeeb0b07-7b03-4040-ba02-e34fda1f01fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lomw25qstk2k", "content": "", "creation_timestamp": "2025-05-08T02:56:49.944133Z"}, {"uuid": "7c019c06-6b12-4e37-b991-3db37e4c0a83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://bsky.app/profile/osanpo.bsky.social/post/3lonmlkdknd2r", "content": "", "creation_timestamp": "2025-05-08T09:40:15.645429Z"}, {"uuid": "490d726f-0c83-4ec6-9a8b-0e01f9410329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31651", "type": "published-proof-of-concept", "source": "Telegram/ZxsIaa5eZFUaiSvD4DlOA2nuaXeqbYgdUu5BG2utsXAUqUs", "content": "", "creation_timestamp": "2025-04-08T11:00:06.000000Z"}, {"uuid": "292158dd-d2f7-4f0c-a43f-f77ab47cd7e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lvjlbvyc332w", "content": "", "creation_timestamp": "2025-08-03T21:02:46.959171Z"}, {"uuid": "111b5935-c8e8-46d0-8a02-52e4fdba5c8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "42d30747-bcc7-4417-bf69-1e8ff9f42b5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://t.me/cvedetector/23954", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31651 - Apache Tomcat Improper Neutralization of Escape, Meta, or Control Sequences\", \n  \"Content\": \"CVE ID : CVE-2025-31651 \nPublished : April 28, 2025, 8:15 p.m. | 1\u00a0hour, 35\u00a0minutes ago \nDescription : Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat.\u00a0For a subset of unlikely rewrite rule configurations, it was possible   \nfor a specially crafted request to bypass some rewrite rules. If those   \nrewrite rules effectively enforced security constraints, those   \nconstraints could be bypassed.  \n  \nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through 10.1.39, from 9.0.0.M1 through 9.0.102.  \n  \nUsers are recommended to upgrade to version [FIXED_VERSION], which fixes the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-29T00:06:30.000000Z"}, {"uuid": "98af8d2b-3673-43a3-b9f3-65b7b5de51e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31651", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13747", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31651\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat.\u00a0For a subset of unlikely rewrite rule configurations, it was possible \nfor a specially crafted request to bypass some rewrite rules. If those \nrewrite rules effectively enforced security constraints, those \nconstraints could be bypassed.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through 10.1.39, from 9.0.0.M1 through 9.0.102.\n\nUsers are recommended to upgrade to version [FIXED_VERSION], which fixes the issue.\n\ud83d\udccf Published: 2025-04-28T19:17:21.721Z\n\ud83d\udccf Modified: 2025-04-28T22:02:47.596Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/list.html?announce@tomcat.apache.org", "creation_timestamp": "2025-04-28T22:10:53.000000Z"}]}