Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-55668 (GCVE-0-2025-55668)
Vulnerability from cvelistv5 – Published: 2025-08-13 13:21 – Updated: 2025-11-04 21:13
VLAI
EPSS
Title
Apache Tomcat: session fixation via rewrite valve
Summary
Session Fixation vulnerability in Apache Tomcat via rewrite valve.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105.
Older, EOL versions may also be affected.
Users are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-384 - Session Fixation
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Tomcat |
Affected:
11.0.0-M1 , ≤ 11.0.7
(semver)
Affected: 10.1.0-M1 , ≤ 10.1.41 (semver) Affected: 9.0.0.M1 , ≤ 9.0.105 (semver) Unknown: 8 , < 9.0.0.M1 (semver) Unknown: 10.0.0-M1 , ≤ 10.0.27 (semver) |
Credits
Greg K (https://github.com/gregk4sec)
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-55668",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T13:38:12.498649Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T13:39:26.761Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:13:09.014Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/08/13/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Tomcat",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "11.0.7",
"status": "affected",
"version": "11.0.0-M1",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.1.41",
"status": "affected",
"version": "10.1.0-M1",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.0.105",
"status": "affected",
"version": "9.0.0.M1",
"versionType": "semver"
},
{
"lessThan": "9.0.0.M1",
"status": "unknown",
"version": "8",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.0.27",
"status": "unknown",
"version": "10.0.0-M1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Greg K (https://github.com/gregk4sec)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSession Fixation vulnerability in Apache Tomcat via rewrite valve.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105.\u003cbr\u003eOlder, EOL versions may also be affected.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.\u003c/p\u003e"
}
],
"value": "Session Fixation vulnerability in Apache Tomcat via rewrite valve.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105.\nOlder, EOL versions may also be affected.\n\nUsers are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384 Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T11:39:30.355Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/v6bknr96rl7l1qxkl1c03v0qdvbbqs47"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache Tomcat: session fixation via rewrite valve",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2025-55668",
"datePublished": "2025-08-13T13:21:35.743Z",
"dateReserved": "2025-08-13T12:16:36.881Z",
"dateUpdated": "2025-11-04T21:13:09.014Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-55668",
"date": "2026-06-14",
"epss": "0.00053",
"percentile": "0.16973"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-55668\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2025-08-13T14:15:33.330\",\"lastModified\":\"2025-11-04T22:16:30.550\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Session Fixation vulnerability in Apache Tomcat via rewrite valve.\\n\\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105.\\nOlder, EOL versions may also be affected.\\n\\nUsers are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de fijaci\u00f3n de sesi\u00f3n en Apache Tomcat mediante una v\u00e1lvula de reescritura. Este problema afecta a Apache Tomcat: de 11.0.0-M1 a 11.0.7, de 10.1.0-M1 a 10.1.41, y de 9.0.0.M1 a 9.0.105. Las versiones anteriores al final de su vida \u00fatil tambi\u00e9n pueden verse afectadas. Se recomienda actualizar a las versiones 11.0.8, 10.1.42 o 9.0.106, que solucionan el problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-384\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.1\",\"versionEndExcluding\":\"9.0.106\",\"matchCriteriaId\":\"6D612584-5CB2-48F6-A969-0016A419FCB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.1.42\",\"matchCriteriaId\":\"B331712D-D798-4901-AE46-C9B57379410A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndExcluding\":\"11.0.8\",\"matchCriteriaId\":\"EE393E87-D325-4ABB-B49C-5863ECD3DD83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D0689FE-4BC0-4F53-8C79-34B21F9B86C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*\",\"matchCriteriaId\":\"89B129B2-FB6F-4EF9-BF12-E589A87996CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B6787B6-54A8-475E-BA1C-AB99334B2535\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*\",\"matchCriteriaId\":\"EABB6FBC-7486-44D5-A6AD-FFF1D3F677E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*\",\"matchCriteriaId\":\"E10C03BC-EE6B-45B2-83AE-9E8DFB58D7DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A6DA0BE-908C-4DA8-A191-A0113235E99A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*\",\"matchCriteriaId\":\"39029C72-28B4-46A4-BFF5-EC822CFB2A4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A2E05A3-014F-4C4D-81E5-88E725FBD6AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*\",\"matchCriteriaId\":\"166C533C-0833-41D5-99B6-17A4FAB3CAF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3768C60-21FA-4B92-B98C-C3A2602D1BC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone19:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDD510FA-A2E4-4BAF-A0DE-F4E5777E9325\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F542E12-6BA8-4504-A494-DA83E7E19BD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone20:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2409CC7-6A85-4A66-A457-0D62B9895DC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone21:*:*:*:*:*:*\",\"matchCriteriaId\":\"B392A7E5-4455-4B1C-8FAC-AE6DDC70689E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone22:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF411DDA-2601-449A-9046-D250419A0E1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone23:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7D8F2F4-AFE2-47EA-A3FD-79B54324DE02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone24:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B4FBF97-DE16-4E5E-BE19-471E01818D40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone25:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B266B1E-24B5-47EE-A421-E0E3CC0C7471\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone26:*:*:*:*:*:*\",\"matchCriteriaId\":\"29614C3A-6FB3-41C7-B56E-9CC3F45B04F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone27:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6AB156C-8FF6-4727-AF75-590D0DCB3F9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0C5F004-F7D8-45DB-B173-351C50B0EC16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1902D2E-1896-4D3D-9E1C-3A675255072C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*\",\"matchCriteriaId\":\"49AAF4DF-F61D-47A8-8788-A21E317A145D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*\",\"matchCriteriaId\":\"454211D0-60A2-4661-AECA-4C0121413FEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*\",\"matchCriteriaId\":\"0686F977-889F-4960-8E0B-7784B73A7F2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*\",\"matchCriteriaId\":\"558703AE-DB5E-4DFF-B497-C36694DD7B24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED6273F2-1165-47A4-8DD7-9E9B2472941B\"}]}]}],\"references\":[{\"url\":\"https://lists.apache.org/thread/v6bknr96rl7l1qxkl1c03v0qdvbbqs47\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/08/13/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2025/08/13/3\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T21:13:09.014Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-55668\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-13T13:38:12.498649Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-13T13:38:57.635Z\"}}], \"cna\": {\"title\": \"Apache Tomcat: session fixation via rewrite valve\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Greg K (https://github.com/gregk4sec)\"}], \"metrics\": [{\"other\": {\"type\": \"Textual description of severity\", \"content\": {\"text\": \"moderate\"}}}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Tomcat\", \"versions\": [{\"status\": \"affected\", \"version\": \"11.0.0-M1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"11.0.7\"}, {\"status\": \"affected\", \"version\": \"10.1.0-M1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"10.1.41\"}, {\"status\": \"affected\", \"version\": \"9.0.0.M1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"9.0.105\"}, {\"status\": \"unknown\", \"version\": \"8\", \"lessThan\": \"9.0.0.M1\", \"versionType\": \"semver\"}, {\"status\": \"unknown\", \"version\": \"10.0.0-M1\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"10.0.27\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://lists.apache.org/thread/v6bknr96rl7l1qxkl1c03v0qdvbbqs47\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Session Fixation vulnerability in Apache Tomcat via rewrite valve.\\n\\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105.\\nOlder, EOL versions may also be affected.\\n\\nUsers are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eSession Fixation vulnerability in Apache Tomcat via rewrite valve.\u003c/p\u003e\u003cp\u003eThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105.\u003cbr\u003eOlder, EOL versions may also be affected.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-384\", \"description\": \"CWE-384 Session Fixation\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2025-10-29T11:39:30.355Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-55668\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-04T21:13:09.014Z\", \"dateReserved\": \"2025-08-13T12:16:36.881Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2025-08-13T13:21:35.743Z\", \"assignerShortName\": \"apache\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:8334
Vulnerability from csaf_redhat - Published: 2026-04-15 17:31 - Updated: 2026-06-10 08:41Summary
Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
Severity
Important
Notes
Topic: An update for Red Hat Hardened Images RPMs is now available.
Details: This update includes the following RPMs:
tomcat10:
* tomcat10-10.1.54-1.hum1 (noarch)
* tomcat10-admin-webapps-10.1.54-1.hum1 (noarch)
* tomcat10-common-10.1.54-1.hum1 (noarch)
* tomcat10-docs-webapp-10.1.54-1.hum1 (noarch)
* tomcat10-el-5.0-api-10.1.54-1.hum1 (noarch)
* tomcat10-jsp-3.1-api-10.1.54-1.hum1 (noarch)
* tomcat10-lib-10.1.54-1.hum1 (noarch)
* tomcat10-servlet-6.0-api-10.1.54-1.hum1 (noarch)
* tomcat10-user-instance-10.1.54-1.hum1 (noarch)
* tomcat10-webapps-10.1.54-1.hum1 (noarch)
* tomcat10-10.1.54-1.hum1.src (src)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A session fixation vulnerability has been identified in Apache Tomcat, affecting its rewrite functionality. If the rewrite valve is enabled for a web application, an attacker can craft a specific URL. If a victim clicks on this malicious URL, their subsequent interaction with the resource will occur within the context of the attacker's session. This could allow an attacker to hijack the victim's session and perform actions on their behalf.
6.5 (Medium)
Affected products
Threats
Impact
Moderate
A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If HTTP PUT requests are also enabled, this flaw could allow the upload of malicious files, potentially leading to remote code execution.
7.5 (High)
Affected products
Threats
Impact
Important
An improper input neutralization flaw has been discovered in Apache Tomcat. Tomcat did not escape ANSI escape sequences in log messages. If Tomcat was running in a console on a Windows operating system, and the console supported ANSI escape sequences, it was possible for an attacker to use a specially crafted URL to inject ANSI escape sequences to manipulate the console and the clipboard and attempt to trick an administrator into running an attacker controlled command. While no attack vector was found, it may have been possible to mount this attack on other operating systems.
CWE-150 - Improper Neutralization of Escape, Meta, or Control SequencesAffected products
Threats
Impact
Moderate
A denial of service flaw has been discovered in Apache Tomcat. If an error occurred (including exceeding limits) during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage collection process to delete. Depending on JVM settings, application memory usage and application load, it was possible that space for the temporary copies of uploaded parts would be filled faster than GC cleared it, leading to a DoS.
5.3 (Medium)
Affected products
Threats
Impact
Moderate
A certificate validation flaw has been found in Apache Tomcat. omcat did not validate that the host name provided via the SNI extension was the same as the host name provided in the HTTP host header field. If Tomcat was configured with more than one virtual host and the TLS configuration for one of those hosts did not require client certificate authentication but another one did, it was possible for a client to bypass the client certificate authentication by sending different host names in the SNI extension and the HTTP host header field. The vulnerability only applies if client certificate authentication is only enforced at the Connector. It does not apply if client certificate authentication is enforced at the web application.
5.3 (Medium)
Affected products
Threats
Impact
Moderate
A flaw was found in Tomcat. An improper input validation vulnerability allows an attacker to bypass security constraints. Specifically, if a security constraint is configured to permit HEAD requests to a URI but deny GET requests, a malformed or specification invalid HEAD request using the HTTP/0.9 protocol can bypass the intended denial rule, enabling an attacker to access resources that should be protected.
5.3 (Medium)
Affected products
Threats
Impact
Low
A flaw was found in Apache Tomcat. When an Online Certificate Status Protocol (OCSP) responder is used, the Tomcat Native component, and Tomcat's FFM port of the Tomcat Native code, does not properly verify or check the freshness of the OCSP response. This improper input validation vulnerability could allow an attacker to bypass certificate revocation checks, potentially leading to the acceptance of revoked certificates.
7.4 (High)
Affected products
Threats
Impact
Important
References
52 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Hardened Images RPMs is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "This update includes the following RPMs:\n\ntomcat10:\n * tomcat10-10.1.54-1.hum1 (noarch)\n * tomcat10-admin-webapps-10.1.54-1.hum1 (noarch)\n * tomcat10-common-10.1.54-1.hum1 (noarch)\n * tomcat10-docs-webapp-10.1.54-1.hum1 (noarch)\n * tomcat10-el-5.0-api-10.1.54-1.hum1 (noarch)\n * tomcat10-jsp-3.1-api-10.1.54-1.hum1 (noarch)\n * tomcat10-lib-10.1.54-1.hum1 (noarch)\n * tomcat10-servlet-6.0-api-10.1.54-1.hum1 (noarch)\n * tomcat10-user-instance-10.1.54-1.hum1 (noarch)\n * tomcat10-webapps-10.1.54-1.hum1 (noarch)\n * tomcat10-10.1.54-1.hum1.src (src)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:8334",
"url": "https://access.redhat.com/errata/RHSA-2026:8334"
},
{
"category": "external",
"summary": "https://images.redhat.com/",
"url": "https://images.redhat.com/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-55668",
"url": "https://access.redhat.com/security/cve/CVE-2025-55668"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61795",
"url": "https://access.redhat.com/security/cve/CVE-2025-61795"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-55754",
"url": "https://access.redhat.com/security/cve/CVE-2025-55754"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-55752",
"url": "https://access.redhat.com/security/cve/CVE-2025-55752"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24733",
"url": "https://access.redhat.com/security/cve/CVE-2026-24733"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66614",
"url": "https://access.redhat.com/security/cve/CVE-2025-66614"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24734",
"url": "https://access.redhat.com/security/cve/CVE-2026-24734"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_8334.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-06-10T08:41:08+00:00",
"generator": {
"date": "2026-06-10T08:41:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2026:8334",
"initial_release_date": "2026-04-15T17:31:38+00:00",
"revision_history": [
{
"date": "2026-04-15T17:31:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-18T19:58:04+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-10T08:41:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Hardened Images",
"product": {
"name": "Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:hummingbird:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Hardened Images"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat10-main@noarch",
"product": {
"name": "tomcat10-main@noarch",
"product_id": "tomcat10-main@noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat10@10.1.54-1.hum1?arch=noarch\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "tomcat10-main@src",
"product": {
"name": "tomcat10-main@src",
"product_id": "tomcat10-main@src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcat10@10.1.54-1.hum1?arch=src\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-source-rpms"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-main@noarch as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:tomcat10-main@noarch"
},
"product_reference": "tomcat10-main@noarch",
"relates_to_product_reference": "Red Hat Hardened Images"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcat10-main@src as a component of Red Hat Hardened Images",
"product_id": "Red Hat Hardened Images:tomcat10-main@src"
},
"product_reference": "tomcat10-main@src",
"relates_to_product_reference": "Red Hat Hardened Images"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-55668",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2025-08-13T14:00:45.674371+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2388226"
}
],
"notes": [
{
"category": "description",
"text": "A session fixation vulnerability has been identified in Apache Tomcat, affecting its rewrite functionality. If the rewrite valve is enabled for a web application, an attacker can craft a specific URL. If a victim clicks on this malicious URL, their subsequent interaction with the resource will occur within the context of the attacker\u0027s session. This could allow an attacker to hijack the victim\u0027s session and perform actions on their behalf.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.tomcat/tomcat-catalina: tomcat: Apache Tomcat: session fixation via rewrite valve",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-55668"
},
{
"category": "external",
"summary": "RHBZ#2388226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388226"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-55668",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55668"
},
{
"category": "external",
"summary": "https://github.com/apache/tomcat/commit/8621e4c6ba2c916a41eb34cb0f781171ead33fb6",
"url": "https://github.com/apache/tomcat/commit/8621e4c6ba2c916a41eb34cb0f781171ead33fb6"
},
{
"category": "external",
"summary": "https://github.com/apache/tomcat/commit/90306d971bb8b8393336d893644124fb2ca11d21",
"url": "https://github.com/apache/tomcat/commit/90306d971bb8b8393336d893644124fb2ca11d21"
},
{
"category": "external",
"summary": "https://github.com/apache/tomcat/commit/9c3673ba04009377cb0c81ccb6cf5078aec1aa95",
"url": "https://github.com/apache/tomcat/commit/9c3673ba04009377cb0c81ccb6cf5078aec1aa95"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/v6bknr96rl7l1qxkl1c03v0qdvbbqs47",
"url": "https://lists.apache.org/thread/v6bknr96rl7l1qxkl1c03v0qdvbbqs47"
}
],
"release_date": "2025-08-13T13:21:35.743000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-15T17:31:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:8334"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.apache.tomcat/tomcat-catalina: tomcat: Apache Tomcat: session fixation via rewrite valve"
},
{
"cve": "CVE-2025-55752",
"cwe": {
"id": "CWE-23",
"name": "Relative Path Traversal"
},
"discovery_date": "2025-10-27T18:01:22.818037+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406591"
}
],
"notes": [
{
"category": "description",
"text": "A directory traversal vulnerability in Apache Tomcat caused by improper URL normalization during request rewriting. When specific rewrite rules are used, an attacker could craft a malicious request to bypass access restrictions and reach protected directories such as /WEB-INF/ or /META-INF/. If HTTP PUT requests are also enabled, this flaw could allow the upload of malicious files, potentially leading to remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as Important rather than Critical because successful exploitation depends on specific, non-default configuration conditions. The flaw only becomes exploitable when both URL rewriting rules that modify the request path are in use and HTTP PUT requests are enabled \u2014 a feature typically restricted to administrative or trusted users. In standard Tomcat deployments, PUT is disabled or tightly controlled, and rewrite configurations rarely expose sensitive paths. Therefore, while the issue could theoretically lead to remote code execution, the limited attack surface and requirement for uncommon setup conditions significantly reduce its overall risk level.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-55752"
},
{
"category": "external",
"summary": "RHBZ#2406591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406591"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-55752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55752"
},
{
"category": "external",
"summary": "https://github.com/apache/tomcat/commit/fec06c610ed7466b401e29cc567a58aee5ed826a",
"url": "https://github.com/apache/tomcat/commit/fec06c610ed7466b401e29cc567a58aee5ed826a"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog",
"url": "https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog"
}
],
"release_date": "2025-10-27T17:29:56.060000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-15T17:31:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:8334"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\n\nTo reduced the risk, by disabling or strictly limiting the use of HTTP PUT requests to trusted, authenticated users only. Additionally, administrators should review and adjust URL rewrite rules to ensure they do not manipulate request paths in ways that could expose protected directories such as /WEB-INF/ or /META-INF/. Implementing strict access controls and monitoring for unexpected rewrite or upload behavior can further minimize potential exploitation.",
"product_ids": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE"
},
{
"cve": "CVE-2025-55754",
"cwe": {
"id": "CWE-150",
"name": "Improper Neutralization of Escape, Meta, or Control Sequences"
},
"discovery_date": "2025-10-27T18:01:17.953987+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406590"
}
],
"notes": [
{
"category": "description",
"text": "An improper input neutralization flaw has been discovered in Apache Tomcat. \nTomcat did not escape ANSI escape sequences in log messages. If Tomcat was running in a console on a Windows operating system, and the console supported ANSI escape sequences, it was possible for an attacker to use a specially crafted URL to inject ANSI escape sequences to manipulate the console and the clipboard and attempt to trick an administrator into running an attacker controlled command. While no attack vector was found, it may have been possible to mount this attack on other operating systems.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.tomcat/tomcat-juli: tomcat: Apache Tomcat: console manipulation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-55754"
},
{
"category": "external",
"summary": "RHBZ#2406590",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406590"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-55754",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55754"
},
{
"category": "external",
"summary": "https://github.com/apache/tomcat/commit/5a3db092982c0c58d4855304167ee757fe5e79bb",
"url": "https://github.com/apache/tomcat/commit/5a3db092982c0c58d4855304167ee757fe5e79bb"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/j7w54hqbkfcn0xb9xy0wnx8w5nymcbqd",
"url": "https://lists.apache.org/thread/j7w54hqbkfcn0xb9xy0wnx8w5nymcbqd"
}
],
"release_date": "2025-10-27T17:29:50.756000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-15T17:31:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:8334"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.apache.tomcat/tomcat-juli: tomcat: Apache Tomcat: console manipulation"
},
{
"cve": "CVE-2025-61795",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2025-10-27T18:01:06.418669+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406588"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in Apache Tomcat. If an error occurred (including exceeding limits) during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage collection process to delete. Depending on JVM settings, application memory usage and application load, it was possible that space for the temporary copies of uploaded parts would be filled faster than GC cleared it, leading to a DoS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61795"
},
{
"category": "external",
"summary": "RHBZ#2406588",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406588"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61795"
},
{
"category": "external",
"summary": "https://github.com/apache/tomcat/commit/1cdf5f730ede75a0759492f179ac21ca4ff68e06",
"url": "https://github.com/apache/tomcat/commit/1cdf5f730ede75a0759492f179ac21ca4ff68e06"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/wm9mx8brmx9g4zpywm06ryrtvd3160pp",
"url": "https://lists.apache.org/thread/wm9mx8brmx9g4zpywm06ryrtvd3160pp"
}
],
"release_date": "2025-10-27T17:30:28.334000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-15T17:31:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:8334"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Denial of service"
},
{
"cve": "CVE-2025-66614",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-02-17T20:04:14.943661+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440430"
}
],
"notes": [
{
"category": "description",
"text": "A certificate validation flaw has been found in Apache Tomcat. omcat did not validate that the host name provided via the SNI extension was the same as the host name provided in the HTTP host header field. If Tomcat was configured with more than one virtual host and the TLS configuration for one of those hosts did not require client certificate authentication but another one did, it was possible for a client to bypass the client certificate authentication by sending different host names in the SNI extension and the HTTP host header field. The vulnerability only applies if client certificate authentication is only enforced at the Connector. It does not apply if client certificate authentication is enforced at the web application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Client certificate verification bypass due to virtual host mapping",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66614"
},
{
"category": "external",
"summary": "RHBZ#2440430",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440430"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66614"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/vw6lxtlh2qbqwpb61wd3sv1flm2nttw7",
"url": "https://lists.apache.org/thread/vw6lxtlh2qbqwpb61wd3sv1flm2nttw7"
}
],
"release_date": "2026-02-17T18:48:30.577000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-15T17:31:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:8334"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Client certificate verification bypass due to virtual host mapping"
},
{
"cve": "CVE-2026-24733",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2026-02-17T20:05:04.953085+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440437"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Tomcat. An improper input validation vulnerability allows an attacker to bypass security constraints. Specifically, if a security constraint is configured to permit HEAD requests to a URI but deny GET requests, a malformed or specification invalid HEAD request using the HTTP/0.9 protocol can bypass the intended denial rule, enabling an attacker to access resources that should be protected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: security constraint bypass with HTTP/0.9",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is only exploitable when Tomcat is configured to allow HEAD requests but deny GET requests to the same resource, a very unlikely configuration. Due to this reason, this flaw has been rated with a low severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24733"
},
{
"category": "external",
"summary": "RHBZ#2440437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440437"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24733",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24733"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24733",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24733"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/6xk3t65qpn1myp618krtfotbjn1qt90f",
"url": "https://lists.apache.org/thread/6xk3t65qpn1myp618krtfotbjn1qt90f"
}
],
"release_date": "2026-02-17T18:50:43.871000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-15T17:31:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:8334"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, ensure that security constraints are consistent across similar methods (e.g., if GET is denied, HEAD should likely be denied) or block HTTP/0.9 traffic via a reverse proxy or firewall, if it is not required.",
"product_ids": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: security constraint bypass with HTTP/0.9"
},
{
"cve": "CVE-2026-24734",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-02-17T20:03:45.051629+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2440426"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Tomcat. When an Online Certificate Status Protocol (OCSP) responder is used, the Tomcat Native component, and Tomcat\u0027s FFM port of the Tomcat Native code, does not properly verify or check the freshness of the OCSP response. This improper input validation vulnerability could allow an attacker to bypass certificate revocation checks, potentially leading to the acceptance of revoked certificates.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Apache Tomcat: Certificate revocation bypass due to improper OCSP response validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability doesn\u0027t affect the Apache Tomcat distributed with Red Hat Enterprise 8 and Red Hat Enterprise up to the version 9.7 as the vulnerable code is not built. The vulnerable code is compiled with Red Hat Enterprise Linux 9.8 and above.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24734"
},
{
"category": "external",
"summary": "RHBZ#2440426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440426"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24734",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24734"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24734",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24734"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/292dlmx3fz1888v6v16221kpozq56gml",
"url": "https://lists.apache.org/thread/292dlmx3fz1888v6v16221kpozq56gml"
}
],
"release_date": "2026-02-17T18:53:12.228000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-15T17:31:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
"product_ids": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:8334"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Hardened Images:tomcat10-main@noarch",
"Red Hat Hardened Images:tomcat10-main@src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Apache Tomcat: Certificate revocation bypass due to improper OCSP response validation"
}
]
}
WID-SEC-W-2025-1905
Vulnerability from csaf_certbund - Published: 2025-08-25 22:00 - Updated: 2025-08-27 22:00Summary
IBM QRadar SIEM Komponente: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff: Ein Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM Komponenten ausnutzen, um Daten zu manipulieren, um einen Denial of Service Angriff durchzuführen, um beliebigen Programmcode auszuführen, um Sicherheitsvorkehrungen zu umgehen, und um Informationen offenzulegen.
Betroffene Betriebssysteme: - Linux
- UNIX
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
Affected products
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM <7.5.0 UP13 IF01
IBM / QRadar SIEM
|
<7.5.0 UP13 IF01 |
References
5 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM QRadar Security Information and Event Management (SIEM) bietet Unterst\u00fctzung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM Komponenten ausnutzen, um Daten zu manipulieren, um einen Denial of Service Angriff durchzuf\u00fchren, um beliebigen Programmcode auszuf\u00fchren, um Sicherheitsvorkehrungen zu umgehen, und um Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1905 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1905.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1905 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1905"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7243011 vom 2025-08-25",
"url": "https://www.ibm.com/support/pages/node/7243011"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14746 vom 2025-08-27",
"url": "https://access.redhat.com/errata/RHSA-2025:14746"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14748 vom 2025-08-27",
"url": "https://access.redhat.com/errata/RHSA-2025:14748"
}
],
"source_lang": "en-US",
"title": "IBM QRadar SIEM Komponente: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-08-27T22:00:00.000+00:00",
"generator": {
"date": "2025-08-28T05:52:03.530+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1905",
"initial_release_date": "2025-08-25T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-08-25T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-08-27T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP13 IF01",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP13 IF01",
"product_id": "T046492"
}
},
{
"category": "product_version",
"name": "7.5.0 UP13 IF01",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP13 IF01",
"product_id": "T046492-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up13_if01"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-17543",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2019-17543"
},
{
"cve": "CVE-2019-5427",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2019-5427"
},
{
"cve": "CVE-2020-5260",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2020-5260"
},
{
"cve": "CVE-2022-49058",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-49058"
},
{
"cve": "CVE-2022-49111",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-49111"
},
{
"cve": "CVE-2022-49136",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-49136"
},
{
"cve": "CVE-2022-49788",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-49788"
},
{
"cve": "CVE-2022-49846",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-49846"
},
{
"cve": "CVE-2022-49977",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-49977"
},
{
"cve": "CVE-2022-50020",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2022-50020"
},
{
"cve": "CVE-2024-23337",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-23337"
},
{
"cve": "CVE-2024-28956",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-28956"
},
{
"cve": "CVE-2024-34397",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-34397"
},
{
"cve": "CVE-2024-43420",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-43420"
},
{
"cve": "CVE-2024-45332",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-45332"
},
{
"cve": "CVE-2024-50154",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-50154"
},
{
"cve": "CVE-2024-50349",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-50349"
},
{
"cve": "CVE-2024-52006",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-52006"
},
{
"cve": "CVE-2024-52533",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-52533"
},
{
"cve": "CVE-2024-53920",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-53920"
},
{
"cve": "CVE-2024-54661",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-54661"
},
{
"cve": "CVE-2024-57980",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-57980"
},
{
"cve": "CVE-2024-58002",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-58002"
},
{
"cve": "CVE-2024-6531",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2024-6531"
},
{
"cve": "CVE-2025-20012",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-20012"
},
{
"cve": "CVE-2025-20623",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-20623"
},
{
"cve": "CVE-2025-21905",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-21905"
},
{
"cve": "CVE-2025-21919",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-21919"
},
{
"cve": "CVE-2025-21928",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-21928"
},
{
"cve": "CVE-2025-21991",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-21991"
},
{
"cve": "CVE-2025-22004",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-22004"
},
{
"cve": "CVE-2025-22020",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-22020"
},
{
"cve": "CVE-2025-23150",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-23150"
},
{
"cve": "CVE-2025-24495",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-24495"
},
{
"cve": "CVE-2025-27613",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-27613"
},
{
"cve": "CVE-2025-27614",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-27614"
},
{
"cve": "CVE-2025-32415",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-32415"
},
{
"cve": "CVE-2025-37738",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-37738"
},
{
"cve": "CVE-2025-37890",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-37890"
},
{
"cve": "CVE-2025-38052",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-38052"
},
{
"cve": "CVE-2025-38079",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-38079"
},
{
"cve": "CVE-2025-38086",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-38086"
},
{
"cve": "CVE-2025-4373",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-4373"
},
{
"cve": "CVE-2025-46835",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-46835"
},
{
"cve": "CVE-2025-47273",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-47273"
},
{
"cve": "CVE-2025-48060",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-48060"
},
{
"cve": "CVE-2025-48384",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-48384"
},
{
"cve": "CVE-2025-48385",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-48385"
},
{
"cve": "CVE-2025-49794",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-49794"
},
{
"cve": "CVE-2025-49796",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-49796"
},
{
"cve": "CVE-2025-52434",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-52434"
},
{
"cve": "CVE-2025-52520",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-52520"
},
{
"cve": "CVE-2025-53506",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-53506"
},
{
"cve": "CVE-2025-55668",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-55668"
},
{
"cve": "CVE-2025-6021",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-6021"
},
{
"cve": "CVE-2025-6965",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-6965"
},
{
"cve": "CVE-2025-7425",
"product_status": {
"known_affected": [
"67646",
"T046492"
]
},
"release_date": "2025-08-25T22:00:00.000+00:00",
"title": "CVE-2025-7425"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…