WID-SEC-W-2025-0895
Vulnerability from csaf_certbund - Published: 2025-04-28 22:00 - Updated: 2026-01-07 23:00Summary
Apache Tomcat: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Apache Tomcat ist ein Web-Applikationsserver für verschiedene Plattformen.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Apache Tomcat ausnutzen, um einen Denial of Service Angriff durchzuführen, oder Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
References
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apache Tomcat ist ein Web-Applikationsserver f\u00fcr verschiedene Plattformen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Apache Tomcat ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, oder Sicherheitsvorkehrungen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0895 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0895.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0895 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0895"
},
{
"category": "external",
"summary": "Lists Apache.org vom 2025-04-28",
"url": "https://lists.apache.org/thread/j6zzk0y3yym9pzfzkq5vcyxzz0yzh826"
},
{
"category": "external",
"summary": "Lists Apache.org vom 2025-04-28",
"url": "https://lists.apache.org/thread/cpklvqwvdrp4k9hmd2l3q33j0gzy4fox"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2025-04-28",
"url": "https://seclists.org/oss-sec/2025/q2/100"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2025-04-28",
"url": "https://seclists.org/oss-sec/2025/q2/101"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2025-04-28",
"url": "https://github.com/advisories/GHSA-3p2h-wqq4-wf4h"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2025-04-28",
"url": "https://github.com/advisories/GHSA-ff77-26x5-69cr"
},
{
"category": "external",
"summary": "PoC CVE-2025-31650 vom 2025-04-29",
"url": "https://github.com/tunahantekeoglu/CVE-2025-31650"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1521-1 vom 2025-05-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/RFTKW33WAI4B3WZ5ZCAZYPZAMSCNNSM4/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1537-1 vom 2025-05-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/WLX5T7LK4QQHONBUWBDVFGFTQU32S6PX/"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASTOMCAT9-2025-017 vom 2025-05-14",
"url": "https://alas.aws.amazon.com/AL2/ALASTOMCAT9-2025-017.html"
},
{
"category": "external",
"summary": "Atlassian Security Advisory",
"url": "https://jira.atlassian.com/browse/BAM-26105"
},
{
"category": "external",
"summary": "Atlassian Security Advisory",
"url": "https://jira.atlassian.com/browse/CONFSERVER-99686"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7234040 vom 2025-05-21",
"url": "https://www.ibm.com/support/pages/node/7234040"
},
{
"category": "external",
"summary": "Atlassian Security Advisory",
"url": "https://jira.atlassian.com/browse/CONFSERVER-99568"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASTOMCAT9-2025-018 vom 2025-05-29",
"url": "https://alas.aws.amazon.com/AL2/ALASTOMCAT9-2025-018.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01521-1 vom 2025-05-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020943.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01537-1 vom 2025-05-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020935.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01882-1 vom 2025-06-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021460.html"
},
{
"category": "external",
"summary": "Atlassian Security Advisory JSWSERVER-26411 vom 2025-06-17",
"url": "https://confluence.atlassian.com/security/security-bulletin-june-17-2025-1574012717.html"
},
{
"category": "external",
"summary": "Trellix 2025 Update 5 Release Notes vom 2025-06-25",
"url": "https://docs.trellix.com/bundle/epolicy-orchestrator-saas-release-notes/page/UUID-bdfa33f8-426e-ec2b-a46a-a50c7743b530.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2TOMCAT9-2025-018 vom 2025-06-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2TOMCAT9-2025-018.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2TOMCAT9-2025-017 vom 2025-06-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2TOMCAT9-2025-017.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-11335 vom 2025-07-17",
"url": "https://linux.oracle.com/errata/ELSA-2025-11335.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11335 vom 2025-07-16",
"url": "https://access.redhat.com/errata/RHSA-2025:11335"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11332 vom 2025-07-16",
"url": "https://access.redhat.com/errata/RHSA-2025:11332"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11333 vom 2025-07-16",
"url": "https://access.redhat.com/errata/RHSA-2025:11333"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11334 vom 2025-07-16",
"url": "https://access.redhat.com/errata/RHSA-2025:11334"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-11333 vom 2025-07-17",
"url": "https://linux.oracle.com/errata/ELSA-2025-11333.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11381 vom 2025-07-17",
"url": "https://access.redhat.com/errata/RHSA-2025:11381"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11382 vom 2025-07-17",
"url": "https://access.redhat.com/errata/RHSA-2025:11382"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-11332 vom 2025-07-17",
"url": "https://linux.oracle.com/errata/ELSA-2025-11332.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4244 vom 2025-07-22",
"url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html"
},
{
"category": "external",
"summary": "HCL Security Bulletin vom 2025-08-05",
"url": "https://support.hcl-software.com/community?id=community_blog\u0026sys_id=4cd4383f3bcb26d828f8f547f4e45af6"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7241547 vom 2025-08-06",
"url": "https://www.ibm.com/support/pages/node/7241547"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7705-1 vom 2025-08-20",
"url": "https://ubuntu.com/security/notices/USN-7705-1"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-309 vom 2025-09-08",
"url": "https://www.dell.com/support/kbdoc/de-de/000362754/dsa-2025-309-security-update-for-dell-networker-apache-tomcat-vulnerabilities"
},
{
"category": "external",
"summary": "SAS Security Update vom 2025-10-02",
"url": "https://support.sas.com/en/security-bulletins/sas-security-update-for-sas-94m9-ts1m9.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19810 vom 2025-11-06",
"url": "https://access.redhat.com/errata/RHSA-2025:19810"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19809 vom 2025-11-06",
"url": "https://access.redhat.com/errata/RHSA-2025:19809"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7252039 vom 2025-11-20",
"url": "https://www.ibm.com/support/pages/node/7252039"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22924 vom 2025-12-09",
"url": "https://access.redhat.com/errata/RHSA-2025:22924"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22925 vom 2025-12-09",
"url": "https://access.redhat.com/errata/RHSA-2025:22925"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-23049 vom 2025-12-11",
"url": "http://linux.oracle.com/errata/ELSA-2025-23049.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-23050 vom 2025-12-11",
"url": "https://linux.oracle.com/errata/ELSA-2025-23050.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-23052 vom 2025-12-11",
"url": "http://linux.oracle.com/errata/ELSA-2025-23052.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23053 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23053"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23051 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23051"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23050 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23050"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23052 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23052"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23049 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23049"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23048 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23048"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23047 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23047"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23046 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23046"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23045 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23045"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23044 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23044"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:23049 vom 2025-12-11",
"url": "https://errata.build.resf.org/RLSA-2025:23049"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-23048 vom 2025-12-11",
"url": "http://linux.oracle.com/errata/ELSA-2025-23048.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:23050 vom 2025-12-12",
"url": "https://errata.build.resf.org/RLSA-2025:23050"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:23052 vom 2025-12-12",
"url": "https://errata.build.resf.org/RLSA-2025:23052"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:23048 vom 2025-12-13",
"url": "https://errata.build.resf.org/RLSA-2025:23048"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0292 vom 2026-01-08",
"url": "https://access.redhat.com/errata/RHSA-2026:0292"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0293 vom 2026-01-08",
"url": "https://access.redhat.com/errata/RHSA-2026:0293"
}
],
"source_lang": "en-US",
"title": "Apache Tomcat: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-01-07T23:00:00.000+00:00",
"generator": {
"date": "2026-01-08T08:11:50.522+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-0895",
"initial_release_date": "2025-04-28T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-04-28T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-04-29T22:00:00.000+00:00",
"number": "2",
"summary": "PoC f\u00fcr CVE-2025-31650 aufgenommen"
},
{
"date": "2025-05-08T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-05-12T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-05-13T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-05-20T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Atlassian und IBM aufgenommen"
},
{
"date": "2025-05-29T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Amazon und SUSE aufgenommen"
},
{
"date": "2025-06-10T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-17T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Atlassian aufgenommen"
},
{
"date": "2025-06-24T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-06-30T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-07-16T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2025-07-17T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-07-21T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-08-05T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von HCL aufgenommen"
},
{
"date": "2025-08-06T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-08-19T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-09-07T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-10-05T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-11-06T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-19T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-12-09T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-12-10T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Oracle Linux, Red Hat und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-12-11T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-12-14T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-01-07T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "26"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c11.0.6",
"product": {
"name": "Apache Tomcat \u003c11.0.6",
"product_id": "T043183"
}
},
{
"category": "product_version",
"name": "11.0.6",
"product": {
"name": "Apache Tomcat 11.0.6",
"product_id": "T043183-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:apache:tomcat:11.0.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.1.40",
"product": {
"name": "Apache Tomcat \u003c10.1.40",
"product_id": "T043184"
}
},
{
"category": "product_version",
"name": "10.1.40",
"product": {
"name": "Apache Tomcat 10.1.40",
"product_id": "T043184-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:apache:tomcat:10.1.40"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.0.104",
"product": {
"name": "Apache Tomcat \u003c9.0.104",
"product_id": "T043185"
}
},
{
"category": "product_version",
"name": "9.0.104",
"product": {
"name": "Apache Tomcat 9.0.104",
"product_id": "T043185-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:apache:tomcat:9.0.104"
}
}
}
],
"category": "product_name",
"name": "Tomcat"
}
],
"category": "vendor",
"name": "Apache"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.2.4",
"product": {
"name": "Atlassian Bamboo \u003c10.2.4",
"product_id": "T044013"
}
},
{
"category": "product_version",
"name": "10.2.4",
"product": {
"name": "Atlassian Bamboo 10.2.4",
"product_id": "T044013-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:10.2.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.6.13",
"product": {
"name": "Atlassian Bamboo \u003c9.6.13",
"product_id": "T044014"
}
},
{
"category": "product_version",
"name": "9.6.13",
"product": {
"name": "Atlassian Bamboo 9.6.13",
"product_id": "T044014-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:9.6.13"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.0.1",
"product": {
"name": "Atlassian Bamboo \u003c11.0.1",
"product_id": "T044015"
}
},
{
"category": "product_version",
"name": "11.0.1",
"product": {
"name": "Atlassian Bamboo 11.0.1",
"product_id": "T044015-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:11.0.1"
}
}
}
],
"category": "product_name",
"name": "Bamboo"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.2.2",
"product": {
"name": "Atlassian Confluence \u003c9.2.2",
"product_id": "T042904"
}
},
{
"category": "product_version",
"name": "9.2.2",
"product": {
"name": "Atlassian Confluence 9.2.2",
"product_id": "T042904-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:data_center_and_server__9.2.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.3.2",
"product": {
"name": "Atlassian Confluence \u003c9.3.2",
"product_id": "T042906"
}
},
{
"category": "product_version",
"name": "9.3.2",
"product": {
"name": "Atlassian Confluence 9.3.2",
"product_id": "T042906-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:data_center_and_server__9.3.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.5.21",
"product": {
"name": "Atlassian Confluence \u003c8.5.21",
"product_id": "T042909"
}
},
{
"category": "product_version",
"name": "8.5.21",
"product": {
"name": "Atlassian Confluence 8.5.21",
"product_id": "T042909-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:data_center_and_server__8.5.21"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.1",
"product": {
"name": "Atlassian Confluence \u003c9.4.1",
"product_id": "T044016"
}
},
{
"category": "product_version",
"name": "9.4.1",
"product": {
"name": "Atlassian Confluence 9.4.1",
"product_id": "T044016-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:9.4.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.4",
"product": {
"name": "Atlassian Confluence \u003c9.2.4",
"product_id": "T044017"
}
},
{
"category": "product_version",
"name": "9.2.4",
"product": {
"name": "Atlassian Confluence 9.2.4",
"product_id": "T044017-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:9.2.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.5.22",
"product": {
"name": "Atlassian Confluence \u003c8.5.22",
"product_id": "T044018"
}
},
{
"category": "product_version",
"name": "8.5.22",
"product": {
"name": "Atlassian Confluence 8.5.22",
"product_id": "T044018-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:8.5.22"
}
}
}
],
"category": "product_name",
"name": "Confluence"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.6.1",
"product": {
"name": "Atlassian Jira \u003c10.6.1",
"product_id": "T044689"
}
},
{
"category": "product_version",
"name": "10.6.1",
"product": {
"name": "Atlassian Jira 10.6.1",
"product_id": "T044689-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:10.6.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.3.6 (LTS)",
"product": {
"name": "Atlassian Jira \u003c10.3.6 (LTS)",
"product_id": "T044691"
}
},
{
"category": "product_version",
"name": "10.3.6 (LTS)",
"product": {
"name": "Atlassian Jira 10.3.6 (LTS)",
"product_id": "T044691-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:10.3.6::lts"
}
}
}
],
"category": "product_name",
"name": "Jira"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c19.13.0.1",
"product": {
"name": "Dell NetWorker \u003c19.13.0.1",
"product_id": "T046768"
}
},
{
"category": "product_version",
"name": "19.13.0.1",
"product": {
"name": "Dell NetWorker 19.13.0.1",
"product_id": "T046768-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:19.13.0.1"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.1.18.2",
"product": {
"name": "HCL Commerce \u003c9.1.18.2",
"product_id": "T045896"
}
},
{
"category": "product_version",
"name": "9.1.18.2",
"product": {
"name": "HCL Commerce 9.1.18.2",
"product_id": "T045896-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:hcltechsw:commerce:9.1.18.2"
}
}
}
],
"category": "product_name",
"name": "Commerce"
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "10.1.0.0-10.1.0.5",
"product": {
"name": "IBM Integration Bus 10.1.0.0-10.1.0.5",
"product_id": "T044022",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:integration_bus:10.1.0.0_-_10.1.0.5"
}
}
}
],
"category": "product_name",
"name": "Integration Bus"
},
{
"category": "product_name",
"name": "IBM Power Hardware Management Console",
"product": {
"name": "IBM Power Hardware Management Console",
"product_id": "5114",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "11.5",
"product": {
"name": "IBM Security Guardium 11.5",
"product_id": "1411051",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:11.5"
}
}
}
],
"category": "product_name",
"name": "Security Guardium"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Web Server",
"product": {
"name": "Red Hat JBoss Web Server",
"product_id": "T003426",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.8.6",
"product": {
"name": "Red Hat JBoss Web Server \u003c5.8.6",
"product_id": "T049206"
}
},
{
"category": "product_version",
"name": "5.8.6",
"product": {
"name": "Red Hat JBoss Web Server 5.8.6",
"product_id": "T049206-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:5.8.6"
}
}
}
],
"category": "product_name",
"name": "JBoss Web Server"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.4M9 (TS1M9)",
"product": {
"name": "SAS Institute Base SAS \u003c9.4M9 (TS1M9)",
"product_id": "T047382"
}
},
{
"category": "product_version",
"name": "9.4M9 (TS1M9)",
"product": {
"name": "SAS Institute Base SAS 9.4M9 (TS1M9)",
"product_id": "T047382-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:sas:base_sas:9.4m9_%28ts1m9%29"
}
}
}
],
"category": "product_name",
"name": "Base SAS"
}
],
"category": "vendor",
"name": "SAS Institute"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2025 Update 5",
"product": {
"name": "Trellix ePolicy Orchestrator \u003c2025 Update 5",
"product_id": "T044835"
}
},
{
"category": "product_version",
"name": "2025 Update 5",
"product": {
"name": "Trellix ePolicy Orchestrator 2025 Update 5",
"product_id": "T044835-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:trellix:epolicy_orchestrator:2025_update_5"
}
}
}
],
"category": "product_name",
"name": "ePolicy Orchestrator"
}
],
"category": "vendor",
"name": "Trellix"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-31650",
"product_status": {
"known_affected": [
"T042909",
"T047382",
"67646",
"T003426",
"T042904",
"T004914",
"T042906",
"T044016",
"T044015",
"T044018",
"T044017",
"T044835",
"T043183",
"398363",
"T043184",
"T043185",
"T044691",
"T049206",
"T044014",
"T044013",
"5114",
"T032255",
"T045896",
"T046768",
"T044689",
"2951",
"T002207",
"T000126",
"T044022",
"1411051"
]
},
"release_date": "2025-04-28T22:00:00.000+00:00",
"title": "CVE-2025-31650"
},
{
"cve": "CVE-2025-31651",
"product_status": {
"known_affected": [
"T042909",
"T047382",
"67646",
"T003426",
"T042904",
"T004914",
"T042906",
"T044016",
"T044015",
"T044018",
"T044017",
"T044835",
"T043183",
"398363",
"T043184",
"T043185",
"T044691",
"T049206",
"T044014",
"T044013",
"5114",
"T032255",
"T045896",
"T046768",
"T044689",
"2951",
"T002207",
"T000126",
"T044022",
"1411051"
]
},
"release_date": "2025-04-28T22:00:00.000+00:00",
"title": "CVE-2025-31651"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…