CNNVD-202508-1369 Information
CNNVD ID
CNNVD-202508-1369
Related CVE
- CNNVD Published: 2025-08-13
Description (Chinese)
Apache Tomcat是美国阿帕奇(Apache)基金会的一款轻量级Web应用服务器。用于实现对Servlet和JavaServer Page(JSP)的支持。 Apache Tomcat 11.0.0-M1至11.0.9版本、10.1.0-M1至10.1.43版本和9.0.0.M1至9.0.107版本存在安全漏洞,该漏洞源于资源关闭不当,可能导致拒绝服务攻击。
Description (English)
Apache Tomcat is a lightweight Web application server for the Apache Foundation in the United States. Support for Servlet and JavaServer Page (JSP). 11.0.0-M1 to 11.0.9 versions, 10.1.0-M1 to 10.1.43 and 9.0.0.M1 to 9.0.107 have security gaps, which stem from inappropriate resource closure and may lead to denial of service attacks.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
阿帕奇
Published
2025-08-13
Last Modified
2026-02-24
References
https://lists.apache.org/thread/9ydfg0xr0tchmglcprhxgwhj0hfwxlyf https://www.oracle.com/security-alerts/cpuoct2025.html https://nvd.nist.gov/vuln/detail/CVE-2025-48989 https://www.oracle.com/security-alerts/cpujan2026.html
Patch
https://tomcat.apache.org/security-11.html
Share on: