CVE-2025-24813 vulnerabilities and exploits

(subscribe to this query)

Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 up to and in...

20 Github repositories2 Articles

When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpec...

Apache Tomcat Apache Tomcat 9.0.0 Apache Tomcat 10.0.0 Debian Debian Linux 9.0 Oracle Agile Plm 9.3.3 Oracle Agile Plm 9.3.6

Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 up to and including 11.0.0-M11, from 10.1.0-M1 up to and including 10.1.13, from 9.0.0-M1 up to and including 9.0.80 and from 8.5.0 up to and including 8.5.93...

Apache Tomcat Apache Tomcat 9.0.0 Apache Tomcat 10.1.0 Apache Tomcat 11.0.0 Debian Debian Linux 10.0 Debian Debian Linux 11.0 Debian Debian Linux 12.0

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook