| Bug | bookworm | trixie | sid | Description |
|---|
| CVE-2025-53506 | vulnerable | vulnerable | vulnerable | Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an ... |
| CVE-2025-52520 | vulnerable | vulnerable | vulnerable | For some unlikely configurations of multipart upload, an Integer Overf ... |
| CVE-2025-49125 | vulnerable | vulnerable | vulnerable | Authentication Bypass Using an Alternate Path or Channel vulnerability ... |
| CVE-2025-48988 | vulnerable | vulnerable | vulnerable | Allocation of Resources Without Limits or Throttling vulnerability in ... |
| CVE-2025-48976 | vulnerable | vulnerable | vulnerable | Allocation of resources for multipart headers with insufficient limits ... |
| CVE-2025-46701 | vulnerable | vulnerable | vulnerable | Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's ... |
| CVE-2025-31651 | vulnerable | fixed | fixed | Improper Neutralization of Escape, Meta, or Control Sequences vulnerab ... |
| CVE-2025-31650 | vulnerable | fixed | fixed | Improper Input Validation vulnerability in Apache Tomcat. Incorrect er ... |
| Bug | Description |
|---|
| CVE-2025-49124 | Untrusted Search Path vulnerability in Apache Tomcat installer for Win ... |
| CVE-2025-24813 | Path Equivalence: 'file.Name' (Internal Dot) leading toRemote Code Exe ... |
| CVE-2024-56337 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apa ... |
| CVE-2024-54677 | Uncontrolled Resource Consumption vulnerability in the examples web ap ... |
| CVE-2024-52318 | Incorrect object recycling and reuse vulnerability in Apache Tomcat. ... |
| CVE-2024-52317 | Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. ... |
| CVE-2024-52316 | Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is ... |
| CVE-2024-50379 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during ... |
| CVE-2024-38286 | Allocation of Resources Without Limits or Throttling vulnerability in ... |
| CVE-2024-34750 | Improper Handling of Exceptional Conditions, Uncontrolled Resource Con ... |
| CVE-2024-24549 | Denial of Service due to improper input validation vulnerability for H ... |
| CVE-2024-23672 | Denial of Service via incomplete cleanup vulnerability in Apache Tomca ... |
| CVE-2024-22029 | Insecure permissions in the packaging of tomcat allow local users that ... |
| CVE-2023-46589 | Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 1 ... |
| CVE-2023-45648 | Improper Input Validation vulnerability in Apache Tomcat.Tomcatfrom 11 ... |
| CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consum ... |
| CVE-2023-42795 | Incomplete Cleanup vulnerability in Apache Tomcat.When recycling vario ... |
| CVE-2023-42794 | Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork ... |
| CVE-2023-41080 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in F ... |
| CVE-2023-34981 | A regression in the fix for bug 66512 in Apache Tomcat 11.0.0-M5, 10.1 ... |
| CVE-2023-28709 | The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 ... |
| CVE-2023-28708 | When using the RemoteIpFilter with requests received from a reverse ... |
| CVE-2023-24998 | Apache Commons FileUpload before 1.5 does not limit the number of requ ... |