CNNVD-202507-1398 Information

CNNVD ID

CNNVD-202507-1398

Related CVE

CVE-2025-52434

• CNNVD Published: 2025-07-10

Description (Chinese)

Apache Tomcat是美国阿帕奇（Apache）基金会的一款轻量级Web应用服务器。用于实现对Servlet和JavaServer Page（JSP）的支持。 Apache Tomcat 9.0.0.M1至9.0.106版本存在竞争条件问题漏洞，该漏洞源于竞争条件，可能导致HTTP/2连接问题。

Description (English)

Apache Tomcat is a lightweight Web application server for the Apache Foundation in the United States. Support for Servlet and JavaServer Page (JSP). Appache Tomcat 9.0.0.M1 to 9.0.106 contains a gap in competition conditions, which stems from competitive conditions and may lead to HTTP/2 connectivity problems.

Hazard Level

Medium

Vulnerability Type

竞争条件问题

Affected Vendor

阿帕奇

Published

2025-07-10

Last Modified

2026-02-24

References

https://lists.apache.org/thread/gxgh65004f25y8519coth6w7vchww030 https://access.redhat.com/security/cve/cve-2025-52434 https://nvd.nist.gov/vuln/detail/CVE-2025-52434

Patch

https://tomcat.apache.org/