sz-lk-docflow-management-app.tar (alt cpe:/o:alt:spcontainer:10.2.2) - Trivy Report - 2026-06-04 10:11:10.359465354 +0000 UTC m=+5.443104606

alt
No Vulnerabilities found
No Misconfigurations found
jar
Package	Vulnerability ID	Severity	Installed Version	Fixed Version	Links
ch.qos.logback:logback-core	CVE-2025-11226	MEDIUM	1.5.18	1.5.19, 1.3.16	https://access.redhat.com/security/cve/CVE-2025-11226 https://github.com/qos-ch/logback https://github.com/qos-ch/logback/commit/61f6a2544f36b3016e0efd434ee21f19269f1df7 https://github.com/qos-ch/logback/issues/974 https://github.com/qos-ch/logback/releases/tag/v_1.5.19 https://logback.qos.ch/news.html#1.3.16 https://logback.qos.ch/news.html#1.5.19 https://nvd.nist.gov/vuln/detail/CVE-2025-11226 https://www.cve.org/CVERecord?id=CVE-2025-11226
ch.qos.logback:logback-core	CVE-2026-1225	LOW	1.5.18	1.5.25	https://access.redhat.com/security/cve/CVE-2026-1225 https://github.com/qos-ch/logback https://github.com/qos-ch/logback/commit/1f97ae1844b1be8486e4e9cade98d7123d3eded5 https://github.com/qos-ch/logback/issues/997 https://logback.qos.ch/news.html#1.5.25 https://nvd.nist.gov/vuln/detail/CVE-2026-1225 https://www.cve.org/CVERecord?id=CVE-2026-1225
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	MEDIUM	2.18.4.1	2.21.1, 2.18.6	https://github.com/FasterXML/jackson-core https://github.com/FasterXML/jackson-core/commit/b0c428e6f993e1b5ece5c1c3cb2523e887cd52cf https://github.com/FasterXML/jackson-core/pull/1555 https://github.com/FasterXML/jackson-core/security/advisories/GHSA-72hv-8253-57qq
commons-fileupload:commons-fileupload	CVE-2025-48976	HIGH	1.5	1.6.0	http://www.openwall.com/lists/oss-security/2025/06/16/4 https://access.redhat.com/errata/RHSA-2025:14181 https://access.redhat.com/security/cve/CVE-2025-48976 https://bugzilla.redhat.com/2373015 https://bugzilla.redhat.com/2373018 https://bugzilla.redhat.com/2373020 https://bugzilla.redhat.com/2373309 https://bugzilla.redhat.com/2379374 https://bugzilla.redhat.com/2379382 https://bugzilla.redhat.com/2379386 https://bugzilla.redhat.com/show_bug.cgi?id=2373015 https://bugzilla.redhat.com/show_bug.cgi?id=2373018 https://bugzilla.redhat.com/show_bug.cgi?id=2373020 https://bugzilla.redhat.com/show_bug.cgi?id=2373309 https://bugzilla.redhat.com/show_bug.cgi?id=2379374 https://bugzilla.redhat.com/show_bug.cgi?id=2379386 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48976 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48988 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48989 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52520 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53506 https://errata.almalinux.org/9/ALSA-2025-14181.html https://errata.rockylinux.org/RLSA-2025:14179 https://github.com/apache/commons-fileupload https://github.com/apache/commons-fileupload/commit/2108495a4775910b8559f18ed5a779d60542ee96 (commons-fileupload-1.6.0-RC1) https://github.com/apache/commons-fileupload/commit/b247774a72a044f5d5380ae947140ee80af4e78b https://github.com/apache/commons-fileupload/commit/bf68f63cfb312ef4710fb3dfb4d8e4e1665f4497 https://github.com/apache/tomcat/commit/667ddd76e2a0e762f3a784d86f0d25e7fd7cdb86 (10.1.42) https://github.com/apache/tomcat/commit/74f69ffaf61e54c727603e7e831fe20f0ac5d2a7 (11.0.8) https://github.com/apache/tomcat/commit/97790a35a27d236fa053e660676c3f8196284d93 https://github.com/apache/tomcat/commit/97790a35a27d236fa053e660676c3f8196284d93 (9.0.106) https://linux.oracle.com/cve/CVE-2025-48976.html https://linux.oracle.com/errata/ELSA-2025-14181.html https://lists.apache.org/thread/fbs3wrr3p67vkjcxogqqqqz45pqtso12 https://lists.apache.org/thread/w7dbnfyqn1yc05kbqqbbyct7wbomv7lf https://lists.debian.org/debian-lts-announce/2025/07/msg00008.html https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html https://nvd.nist.gov/vuln/detail/CVE-2025-48976 https://www.cve.org/CVERecord?id=CVE-2025-48976
io.netty:netty-codec	CVE-2026-42583	HIGH	4.1.128.Final	4.1.133.Final	https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-mj4r-2hfc-f8p6 https://nvd.nist.gov/vuln/detail/CVE-2026-42583 https://www.cve.org/CVERecord?id=CVE-2026-42583
io.netty:netty-codec-dns	CVE-2026-42579	HIGH	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42579 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-cm33-6792-r9fm https://nvd.nist.gov/vuln/detail/CVE-2026-42579 https://tools.ietf.org/html/rfc1035#section-2.3.4 https://tools.ietf.org/html/rfc1035#section-4.1.4 https://www.cve.org/CVERecord?id=CVE-2026-42579
io.netty:netty-codec-http	CVE-2026-33870	HIGH	4.1.128.Final	4.1.132.Final, 4.2.10.Final	https://access.redhat.com/security/cve/CVE-2026-33870 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8 https://nvd.nist.gov/vuln/detail/CVE-2026-33870 https://w4ke.info/2025/06/18/funky-chunks.html https://w4ke.info/2025/10/29/funky-chunks-2.html https://www.cve.org/CVERecord?id=CVE-2026-33870 https://www.rfc-editor.org/rfc/rfc9110
io.netty:netty-codec-http	CVE-2026-42584	HIGH	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42584 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3 https://nvd.nist.gov/vuln/detail/CVE-2026-42584 https://www.cve.org/CVERecord?id=CVE-2026-42584
io.netty:netty-codec-http	CVE-2026-42587	HIGH	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42587 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv https://nvd.nist.gov/vuln/detail/CVE-2026-42587 https://www.cve.org/CVERecord?id=CVE-2026-42587
io.netty:netty-codec-http	CVE-2025-67735	MEDIUM	4.1.128.Final	4.2.8.Final, 4.1.129.Final	https://access.redhat.com/security/cve/CVE-2025-67735 https://github.com/netty/netty https://github.com/netty/netty/commit/77e81f1e5944d98b3acf887d3aa443b252752e94 https://github.com/netty/netty/security/advisories/GHSA-84h7-rjj3-6jx4 https://nvd.nist.gov/vuln/detail/CVE-2025-67735 https://www.cve.org/CVERecord?id=CVE-2025-67735
io.netty:netty-codec-http	CVE-2026-41417	MEDIUM	4.1.128.Final	4.1.133.Final, 4.2.13.Final	https://access.redhat.com/security/cve/CVE-2026-41417 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-v8h7-rr48-vmmv https://nvd.nist.gov/vuln/detail/CVE-2026-41417 https://www.cve.org/CVERecord?id=CVE-2026-41417
io.netty:netty-codec-http	CVE-2026-42580	MEDIUM	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42580 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-m4cv-j2px-7723 https://nvd.nist.gov/vuln/detail/CVE-2026-42580 https://www.cve.org/CVERecord?id=CVE-2026-42580
io.netty:netty-codec-http	CVE-2026-42581	MEDIUM	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42581 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9 https://nvd.nist.gov/vuln/detail/CVE-2026-42581 https://www.cve.org/CVERecord?id=CVE-2026-42581
io.netty:netty-codec-http	CVE-2026-42585	MEDIUM	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42585 https://datatracker.ietf.org/doc/html/rfc9112#name-message-body-length https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-38f8-5428-x5cv https://nvd.nist.gov/vuln/detail/CVE-2026-42585 https://www.cve.org/CVERecord?id=CVE-2026-42585
io.netty:netty-codec-http2	CVE-2026-33871	HIGH	4.1.128.Final	4.1.132.Final, 4.2.11.Final	https://access.redhat.com/security/cve/CVE-2026-33871 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv https://nvd.nist.gov/vuln/detail/CVE-2026-33871 https://www.cve.org/CVERecord?id=CVE-2026-33871
io.netty:netty-codec-http2	CVE-2026-42587	HIGH	4.1.128.Final	4.2.13.Final, 4.1.133.Final	https://access.redhat.com/security/cve/CVE-2026-42587 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv https://nvd.nist.gov/vuln/detail/CVE-2026-42587 https://www.cve.org/CVERecord?id=CVE-2026-42587
io.netty:netty-handler-proxy	CVE-2026-42578	LOW	4.1.128.Final	4.1.133.Final, 4.2.13.Final	https://access.redhat.com/security/cve/CVE-2026-42578 https://github.com/advisories/GHSA-84h7-rjj3-6jx4 https://github.com/netty/netty https://github.com/netty/netty/security/advisories/GHSA-45q3-82m4-75jr https://nvd.nist.gov/vuln/detail/CVE-2026-42578 https://www.cve.org/CVERecord?id=CVE-2026-42578
org.apache.commons:commons-lang3	CVE-2025-48924	MEDIUM	3.17.0	3.18.0	http://www.openwall.com/lists/oss-security/2025/07/11/1 https://access.redhat.com/security/cve/CVE-2025-48924 https://github.com/apache/commons-lang https://github.com/apache/commons-lang/commit/b424803abdb2bec818e4fbcb251ce031c22aca53 https://lists.apache.org/thread/bgv0lpswokgol11tloxnjfzdl7yrc1g1 https://lists.debian.org/debian-lts-announce/2025/08/msg00000.html https://lists.debian.org/debian-lts-announce/2025/08/msg00026.html https://lists.debian.org/debian-lts-announce/2025/09/msg00032.html https://lists.debian.org/debian-lts-announce/2025/09/msg00036.html https://nvd.nist.gov/vuln/detail/CVE-2025-48924 https://ubuntu.com/security/notices/USN-8364-1 https://www.cve.org/CVERecord?id=CVE-2025-48924 https://www.openwall.com/lists/oss-security/2025/07/11/1
org.apache.httpcomponents:httpclient	CVE-2020-13956	MEDIUM	4.5.10	4.5.13, 5.0.3	https://access.redhat.com/security/cve/CVE-2020-13956 https://bugzilla.redhat.com/show_bug.cgi?id=1886587 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13956 https://errata.almalinux.org/8/ALSA-2022-1861.html https://errata.rockylinux.org/RLSA-2022:1861 https://github.com/apache/httpcomponents-client https://linux.oracle.com/cve/CVE-2020-13956.html https://linux.oracle.com/errata/ELSA-2022-1861.html https://lists.apache.org/thread.html/r03bbc318c81be21f5c8a9b85e34f2ecc741aa804a8e43b0ef2c37749%40%3Cissues.maven.apache.org%3E https://lists.apache.org/thread.html/r03bbc318c81be21f5c8a9b85e34f2ecc741aa804a8e43b0ef2c37749@%3Cissues.maven.apache.org%3E https://lists.apache.org/thread.html/r043a75acdeb52b15dd5e9524cdadef4202e6a5228644206acf9363f9%40%3Cdev.hive.apache.org%3E https://lists.apache.org/thread.html/r043a75acdeb52b15dd5e9524cdadef4202e6a5228644206acf9363f9@%3Cdev.hive.apache.org%3E https://lists.apache.org/thread.html/r06cf3ca5c8ceb94b39cd24a73d4e96153b485a7dac88444dd876accb%40%3Cissues.drill.apache.org%3E https://lists.apache.org/thread.html/r06cf3ca5c8ceb94b39cd24a73d4e96153b485a7dac88444dd876accb@%3Cissues.drill.apache.org%3E https://lists.apache.org/thread.html/r0a75b8f0f72f3e18442dc56d33f3827b905f2fe5b7ba48997436f5d1%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r0a75b8f0f72f3e18442dc56d33f3827b905f2fe5b7ba48997436f5d1@%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r0bebe6f9808ac7bdf572873b4fa96a29c6398c90dab29f131f3ebffe%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r0bebe6f9808ac7bdf572873b4fa96a29c6398c90dab29f131f3ebffe@%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r12cb62751b35bdcda0ae2a08b67877d665a1f4d41eee0fa7367169e0%40%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/r12cb62751b35bdcda0ae2a08b67877d665a1f4d41eee0fa7367169e0@%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/r132e4c6a560cfc519caa1aaee63bdd4036327610eadbd89f76dd5457%40%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/r132e4c6a560cfc519caa1aaee63bdd4036327610eadbd89f76dd5457@%3Cdev.creadur.apache.org%3E https://lists.apache.org/thread.html/r2835543ef0f91adcc47da72389b816e36936f584c7be584d2314fac3%40%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/r2835543ef0f91adcc47da72389b816e36936f584c7be584d2314fac3@%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/r2a03dc210231d7e852ef73015f71792ac0fcaca6cccc024c522ef17d%40%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/r2a03dc210231d7e852ef73015f71792ac0fcaca6cccc024c522ef17d@%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/r2dc7930b43eadc78220d269b79e13ecd387e4bee52db67b2f47d4303%40%3Cgitbox.hive.apache.org%3E https://lists.apache.org/thread.html/r2dc7930b43eadc78220d269b79e13ecd387e4bee52db67b2f47d4303@%3Cgitbox.hive.apache.org%3E https://lists.apache.org/thread.html/r34178ab6ef106bc940665fd3f4ba5026fac3603b3fa2aefafa0b619d%40%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/r34178ab6ef106bc940665fd3f4ba5026fac3603b3fa2aefafa0b619d@%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/r34efec51cb817397ccf9f86e25a75676d435ba5f83ee7b2eabdad707%40%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/r34efec51cb817397ccf9f86e25a75676d435ba5f83ee7b2eabdad707@%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/r3cecd59fba74404cbf4eb430135e1080897fb376f111406a78bed13a%40%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/r3cecd59fba74404cbf4eb430135e1080897fb376f111406a78bed13a@%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/r3f740e4c38bba1face49078aa5cbeeb558c27be601cc9712ad2dcd1e%40%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/r3f740e4c38bba1face49078aa5cbeeb558c27be601cc9712ad2dcd1e@%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/r4850b3fbaea02fde2886e461005e4af8d37c80a48b3ce2a6edca0e30%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r4850b3fbaea02fde2886e461005e4af8d37c80a48b3ce2a6edca0e30@%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r549ac8c159bf0c568c19670bedeb8d7c0074beded951d34b1c1d0d05%40%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r549ac8c159bf0c568c19670bedeb8d7c0074beded951d34b1c1d0d05@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r55b2a1d1e9b1ec9db792b93da8f0f99a4fd5a5310b02673359d9b4d1%40%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r55b2a1d1e9b1ec9db792b93da8f0f99a4fd5a5310b02673359d9b4d1@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r5b55f65c123a7481104d663a915ec45a0d103e6aaa03f42ed1c07a89%40%3Cdev.jackrabbit.apache.org%3E https://lists.apache.org/thread.html/r5b55f65c123a7481104d663a915ec45a0d103e6aaa03f42ed1c07a89@%3Cdev.jackrabbit.apache.org%3E https://lists.apache.org/thread.html/r5de3d3808e7b5028df966e45115e006456c4e8931dc1e29036f17927%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r5de3d3808e7b5028df966e45115e006456c4e8931dc1e29036f17927@%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r5fec9c1d67f928179adf484b01e7becd7c0a6fdfe3a08f92ea743b90%40%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/r5fec9c1d67f928179adf484b01e7becd7c0a6fdfe3a08f92ea743b90@%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/r63296c45d5d84447babaf39bd1487329d8a80d8d563e67a4b6f3d8a7%40%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/r63296c45d5d84447babaf39bd1487329d8a80d8d563e67a4b6f3d8a7@%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/r69a94e2f302d1b778bdfefe90fcb4b8c50b226438c3c8c1d0de85a19%40%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/r69a94e2f302d1b778bdfefe90fcb4b8c50b226438c3c8c1d0de85a19@%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/r6a3cda38d050ebe13c1bc9a28d0a8ec38945095d07eca49046bcb89f%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r6a3cda38d050ebe13c1bc9a28d0a8ec38945095d07eca49046bcb89f@%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/r6d672b46622842e565e00f6ef6bef83eb55d8792aac2bee75bff9a2a%40%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/r6d672b46622842e565e00f6ef6bef83eb55d8792aac2bee75bff9a2a@%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/r6dab7da30f8bf075f79ee189e33b45a197502e2676481bb8787fc0d7%40%3Cdev.hc.apache.org%3E https://lists.apache.org/thread.html/r6eb2dae157dbc9af1f30d1f64e9c60d4ebef618f3dce4a0e32d6ea4d%40%3Ccommits.drill.apache.org%3E https://lists.apache.org/thread.html/r6eb2dae157dbc9af1f30d1f64e9c60d4ebef618f3dce4a0e32d6ea4d@%3Ccommits.drill.apache.org%3E https://lists.apache.org/thread.html/r70c429923100c5a4fae8e5bc71c8a2d39af3de4888f50a0ac3755e6f%40%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/r70c429923100c5a4fae8e5bc71c8a2d39af3de4888f50a0ac3755e6f@%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/r87ddc09295c27f25471269ad0a79433a91224045988b88f0413a97ec%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r87ddc09295c27f25471269ad0a79433a91224045988b88f0413a97ec@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r8aa1e5c343b89aec5b69961471950e862f15246cb6392910161c389b%40%3Cissues.maven.apache.org%3E https://lists.apache.org/thread.html/r8aa1e5c343b89aec5b69961471950e862f15246cb6392910161c389b@%3Cissues.maven.apache.org%3E https://lists.apache.org/thread.html/r9e52a6c72c8365000ecd035e48cc9fee5a677a150350d4420c46443d%40%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r9e52a6c72c8365000ecd035e48cc9fee5a677a150350d4420c46443d@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/ra539f20ef0fb0c27ee39945b5f56bf162e5c13d1c60f7344dab8de3b%40%3Cissues.maven.apache.org%3E https://lists.apache.org/thread.html/ra539f20ef0fb0c27ee39945b5f56bf162e5c13d1c60f7344dab8de3b@%3Cissues.maven.apache.org%3E https://lists.apache.org/thread.html/ra8bc6b61c5df301a6fe5a716315528ecd17ccb8a7f907e24a47a1a5e%40%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/ra8bc6b61c5df301a6fe5a716315528ecd17ccb8a7f907e24a47a1a5e@%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/rad6222134183046f3928f733bf680919e0c390739bfbfe6c90049673%40%3Cissues.drill.apache.org%3E https://lists.apache.org/thread.html/rad6222134183046f3928f733bf680919e0c390739bfbfe6c90049673@%3Cissues.drill.apache.org%3E https://lists.apache.org/thread.html/rae14ae25ff4a60251e3ba2629c082c5ba3851dfd4d21218b99b56652%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/rae14ae25ff4a60251e3ba2629c082c5ba3851dfd4d21218b99b56652@%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/rb33212dab7beccaf1ffef9b88610047c644f644c7a0ebdc44d77e381%40%3Ccommits.turbine.apache.org%3E https://lists.apache.org/thread.html/rb33212dab7beccaf1ffef9b88610047c644f644c7a0ebdc44d77e381@%3Ccommits.turbine.apache.org%3E https://lists.apache.org/thread.html/rb4ba262d6f08ab9cf8b1ebbcd9b00b0368ffe90dad7ad7918b4b56fc%40%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/rb4ba262d6f08ab9cf8b1ebbcd9b00b0368ffe90dad7ad7918b4b56fc@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/rb725052404fabffbe093c83b2c46f3f87e12c3193a82379afbc529f8%40%3Csolr-user.lucene.apache.org%3E https://lists.apache.org/thread.html/rb725052404fabffbe093c83b2c46f3f87e12c3193a82379afbc529f8@%3Csolr-user.lucene.apache.org%3E https://lists.apache.org/thread.html/rc0863892ccfd9fd0d0ae10091f24ee769fb39b8957fe4ebabfc11f17%40%3Cdev.jackrabbit.apache.org%3E https://lists.apache.org/thread.html/rc0863892ccfd9fd0d0ae10091f24ee769fb39b8957fe4ebabfc11f17@%3Cdev.jackrabbit.apache.org%3E https://lists.apache.org/thread.html/rc3739e0ad4bcf1888c6925233bfc37dd71156bbc8416604833095c42%40%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/rc3739e0ad4bcf1888c6925233bfc37dd71156bbc8416604833095c42@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/rc505fee574fe8d18f9b0c655a4d120b0ae21bb6a73b96003e1d9be35%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/rc505fee574fe8d18f9b0c655a4d120b0ae21bb6a73b96003e1d9be35@%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/rc5c6ccb86d2afe46bbd4b71573f0448dc1f87bbcd5a0d8c7f8f904b2%40%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/rc5c6ccb86d2afe46bbd4b71573f0448dc1f87bbcd5a0d8c7f8f904b2@%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/rc990e2462ec32b09523deafb2c73606208599e196fa2d7f50bdbc587%40%3Cissues.maven.apache.org%3E https://lists.apache.org/thread.html/rc990e2462ec32b09523deafb2c73606208599e196fa2d7f50bdbc587@%3Cissues.maven.apache.org%3E https://lists.apache.org/thread.html/rcced7ed3237c29cd19c1e9bf465d0038b8b2e967b99fc283db7ca553%40%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/rcced7ed3237c29cd19c1e9bf465d0038b8b2e967b99fc283db7ca553@%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/rcd9ad5dda60c82ab0d0c9bd3e9cb1dc740804451fc20c7f451ef5cc4%40%3Cgitbox.hive.apache.org%3E https://lists.apache.org/thread.html/rcd9ad5dda60c82ab0d0c9bd3e9cb1dc740804451fc20c7f451ef5cc4@%3Cgitbox.hive.apache.org%3E https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E https://lists.apache.org/thread.html/rd5ab56beb2ac6879f6ab427bc4e5f7691aed8362d17b713f61779858%40%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/rd5ab56beb2ac6879f6ab427bc4e5f7691aed8362d17b713f61779858@%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/re504acd4d63b8df2a7353658f45c9a3137e5f80e41cf7de50058b2c1%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/re504acd4d63b8df2a7353658f45c9a3137e5f80e41cf7de50058b2c1@%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/rea3dbf633dde5008d38bf6600a3738b9216e733e03f9ff7becf79625%40%3Cissues.drill.apache.org%3E https://lists.apache.org/thread.html/rea3dbf633dde5008d38bf6600a3738b9216e733e03f9ff7becf79625@%3Cissues.drill.apache.org%3E https://lists.apache.org/thread.html/ree942561f4620313c75982a4e5f3b74fe6f7062b073210779648eec2%40%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/ree942561f4620313c75982a4e5f3b74fe6f7062b073210779648eec2@%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/reef569c2419705754a3acf42b5f19b2a158153cef0e448158bc54917%40%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/reef569c2419705754a3acf42b5f19b2a158153cef0e448158bc54917@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/rf03228972e56cb4a03e6d9558188c2938078cf3ceb23a3fead87c9ca%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf03228972e56cb4a03e6d9558188c2938078cf3ceb23a3fead87c9ca@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf43d17ed0d1fb4fb79036b582810ef60b18b1ef3add0d5dea825af1e%40%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/rf43d17ed0d1fb4fb79036b582810ef60b18b1ef3add0d5dea825af1e@%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/rf4db88c22e1be9eb60c7dc623d0528642c045fb196a24774ac2fa3a3%40%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/rf4db88c22e1be9eb60c7dc623d0528642c045fb196a24774ac2fa3a3@%3Cissues.lucene.apache.org%3E https://lists.apache.org/thread.html/rf7ca60f78f05b772cc07d27e31bcd112f9910a05caf9095e38ee150f%40%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/rf7ca60f78f05b772cc07d27e31bcd112f9910a05caf9095e38ee150f@%3Cdev.ranger.apache.org%3E https://lists.apache.org/thread.html/rfb35f6db9ba1f1e061b63769a4eff5abadcc254ebfefc280e5a0dcf1%40%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/rfb35f6db9ba1f1e061b63769a4eff5abadcc254ebfefc280e5a0dcf1@%3Ccommits.creadur.apache.org%3E https://lists.apache.org/thread.html/rfbedcb586a1e7dfce87ee03c720e583fc2ceeafa05f35c542cecc624%40%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/rfbedcb586a1e7dfce87ee03c720e583fc2ceeafa05f35c542cecc624@%3Cissues.solr.apache.org%3E https://lists.apache.org/thread.html/rfc00884c7b7ca878297bffe45fcb742c362b00b26ba37070706d44c3%40%3Cissues.hive.apache.org%3E https://lists.apache.org/thread.html/rfc00884c7b7ca878297bffe45fcb742c362b00b26ba37070706d44c3@%3Cissues.hive.apache.org%3E https://nvd.nist.gov/vuln/detail/CVE-2020-13956 https://priyankn.github.io/2021-02-26-CVE-2020-13956/ https://security.netapp.com/advisory/ntap-20220210-0002 https://security.netapp.com/advisory/ntap-20220210-0002/ https://ubuntu.com/security/notices/USN-5239-1 https://www.cve.org/CVERecord?id=CVE-2020-13956 https://www.openwall.com/lists/oss-security/2020/10/08/4 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpuoct2021.html
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-41293	CRITICAL	10.1.42	9.0.118, 10.1.55, 11.0.22	http://www.openwall.com/lists/oss-security/2026/05/12/13 https://github.com/apache/tomcat https://github.com/apache/tomcat/commit/19f17a257797e8d139b33ff9c88d362a273be148 https://github.com/apache/tomcat/commit/1c70480466572c9192ed412ebefcd43fc63137fd https://github.com/apache/tomcat/commit/2a2476460e823789f530a22207873ea8cd6eff3b https://github.com/apache/tomcat/commit/3915fd27e6810b14ccd21e3d900bd8faef44d3df https://github.com/apache/tomcat/commit/57c2b3bfd62792631e1df24cf4237b990a0b36fa https://github.com/apache/tomcat/commit/c2925554c677da57390f940d856871e18daaacab https://github.com/apache/tomcat/commit/cf9452443bcbf3b1a4b435ef7d624364f1b65ca3 https://github.com/apache/tomcat/commit/e5cef9618c3f4fd31bd6fb1e83f0f18022280dac https://github.com/apache/tomcat/commit/f72a6174ab1f0f5a053435f80448b4f6837fe6d7 https://lists.apache.org/thread/qwg0q16z7xkb2qrr853wdll5531mvl1r https://nvd.nist.gov/vuln/detail/CVE-2026-41293 https://tomcat.apache.org/security-10.html https://tomcat.apache.org/security-11.html https://tomcat.apache.org/security-9.html https://www.cve.org/CVERecord?id=CVE-2026-41293
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-43512	CRITICAL	10.1.42	9.0.118, 10.1.55, 11.0.22	http://www.openwall.com/lists/oss-security/2026/05/12/8 https://access.redhat.com/security/cve/CVE-2026-43512 https://github.com/apache/tomcat/commit/3d4d3fae07a6cd9c2eb193c5491001740ec64448 https://github.com/apache/tomcat/commit/6565a6cb6499e56fe2f34457cec99f9d1c4f39e9 https://github.com/apache/tomcat/commit/a99c355e8199adbfd67c9a1fffbd85b810b196cd https://lists.apache.org/thread/7x09x7o12solvclslw3sz0288xc8wx73 https://nvd.nist.gov/vuln/detail/CVE-2026-43512 https://tomcat.apache.org/security-10.html https://tomcat.apache.org/security-11.html https://tomcat.apache.org/security-9.html https://www.cve.org/CVERecord?id=CVE-2026-43512
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-43515	CRITICAL	10.1.42	9.0.118, 10.1.55, 11.0.22	http://www.openwall.com/lists/oss-security/2026/05/12/11 https://github.com/apache/tomcat https://github.com/apache/tomcat/commit/276087d9c7abbcecc6c4fb4e4b08cf64780c6e36 https://github.com/apache/tomcat/commit/c621317382682206fb58ab92ebd3e1b6fdd10ce9 https://github.com/apache/tomcat/commit/db919ff9912b4d61d1b702a1342b8bde39270031 https://lists.apache.org/thread/746nxfxod0wsocxtmv8pb8nkgmwpc6bb https://nvd.nist.gov/vuln/detail/CVE-2026-43515 https://tomcat.apache.org/security-10.html https://tomcat.apache.org/security-11.html https://tomcat.apache.org/security-9.html https://www.cve.org/CVERecord?id=CVE-2026-43515
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-48989	HIGH	10.1.42	11.0.10, 10.1.44, 9.0.108	http://www.openwall.com/lists/oss-security/2025/08/13/2 https://access.redhat.com/errata/RHSA-2025:14181 https://access.redhat.com/security/cve/CVE-2025-48989 https://bugzilla.redhat.com/2373015 https://bugzilla.redhat.com/2373018 https://bugzilla.redhat.com/2373020 https://bugzilla.redhat.com/2373309 https://bugzilla.redhat.com/2379374 https://bugzilla.redhat.com/2379382 https://bugzilla.redhat.com/2379386 https://bugzilla.redhat.com/show_bug.cgi?id=2373015 https://bugzilla.redhat.com/show_bug.cgi?id=2373018 https://bugzilla.redhat.com/show_bug.cgi?id=2373020 https://bugzilla.redhat.com/show_bug.cgi?id=2373309 https://bugzilla.redhat.com/show_bug.cgi?id=2379374 https://bugzilla.redhat.com/show_bug.cgi?id=2379386 https://cert-portal.siemens.com/productcert/html/ssa-032379.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48976 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48988 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48989 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52520 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53506 https://errata.almalinux.org/9/ALSA-2025-14181.html https://errata.rockylinux.org/RLSA-2025:14179 https://github.com/apache/tomcat https://github.com/apache/tomcat/commit/73c04a10395774bda71a0b37802cf983662ce255 https://github.com/apache/tomcat/commit/73c04a10395774bda71a0b37802cf983662ce255 (10.1.44) https://github.com/apache/tomcat/commit/f362c8eb3b8ec5b7f312f7f5610731c0fb299a06 https://github.com/apache/tomcat/commit/f362c8eb3b8ec5b7f312f7f5610731c0fb299a06 (11.0.10) https://github.com/apache/tomcat/commit/f36b8a4eea4ce8a0bc035079e1d259d29f5eb7bf https://github.com/apache/tomcat/commit/f36b8a4eea4ce8a0bc035079e1d259d29f5eb7bf (9.0.108) https://kb.cert.org/vuls/id/767506 https://linux.oracle.com/cve/CVE-2025-48989.html https://linux.oracle.com/errata/ELSA-2025-14181.html https://lists.apache.org/thread/9ydfg0xr0tchmglcprhxgwhj0hfwxlyf https://nvd.nist.gov/vuln/detail/CVE-2025-48989 https://tomcat.apache.org/security-10.html https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.44 https://tomcat.apache.org/security-11.html https://tomcat.apache.org/security-9.html https://www.cve.org/CVERecord?id=CVE-2025-48989 https://www.kb.cert.org/vuls/id/767506
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-52520	HIGH	10.1.42	11.0.9, 10.1.43, 9.0.107	http://www.openwall.com/lists/oss-security/2025/07/10/12 https://access.redhat.com/errata/RHSA-2025:14181 https://access.redhat.com/security/cve/CVE-2025-52520 https://bugzilla.redhat.com/2373015 https://bugzilla.redhat.com/2373018 https://bugzilla.redhat.com/2373020 https://bugzilla.redhat.com/2373309 https://bugzilla.redhat.com/2379374 https://bugzilla.redhat.com/2379382 https://bugzilla.redhat.com/2379386 https://bugzilla.redhat.com/show_bug.cgi?id=2373015 https://bugzilla.redhat.com/show_bug.cgi?id=2373018 https://bugzilla.redhat.com/show_bug.cgi?id=2373020 https://bugzilla.redhat.com/show_bug.cgi?id=2373309 https://bugzilla.redhat.com/show_bug.cgi?id=2379374 https://bugzilla.redhat.com/show_bug.cgi?id=2379386 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48976 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48988 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48989 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52520 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53506 https://errata.almalinux.org/9/ALSA-2025-14181.html https://errata.rockylinux.org/RLSA-2025:14179 https://github.com/apache/tomcat https://github.com/apache/tomcat/commit/927d66fbc294cb65242102b817a45fd80834e040 https://github.com/apache/tomcat/commit/927d66fbc294cb65242102b817a45fd80834e040 (9.0.107) https://github.com/apache/tomcat/commit/a51e4bedccfafd35b7cdd0ee3e22267dee9f90db https://github.com/apache/tomcat/commit/a51e4bedccfafd35b7cdd0ee3e22267dee9f90db (11.0.9) https://github.com/apache/tomcat/commit/fc42bbccb9041fafd194fbfdf3eab1d44cb5c45c https://github.com/apache/tomcat/commit/fc42bbccb9041fafd194fbfdf3eab1d44cb5c45c (10.1.43) https://linux.oracle.com/cve/CVE-2025-52520.html https://linux.oracle.com/errata/ELSA-2025-14181.html https://lists.apache.org/thread/trqq01bbxw6c92zx69kx2mw2qgmfy0o5 https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html https://nvd.nist.gov/vuln/detail/CVE-2025-52520 https://www.cve.org/CVERecord?id=CVE-2025-52520
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-53506	HIGH	10.1.42	9.0.107, 10.1.43, 11.0.9	http://www.openwall.com/lists/oss-security/2025/07/10/13 https://access.redhat.com/errata/RHSA-2025:14181 https://access.redhat.com/security/cve/CVE-2025-53506 https://bugzilla.redhat.com/2373015 https://bugzilla.redhat.com/2373018 https://bugzilla.redhat.com/2373020 https://bugzilla.redhat.com/2373309 https://bugzilla.redhat.com/2379374 https://bugzilla.redhat.com/2379382 https://bugzilla.redhat.com/2379386 https://bugzilla.redhat.com/show_bug.cgi?id=2373015 https://bugzilla.redhat.com/show_bug.cgi?id=2373018 https://bugzilla.redhat.com/show_bug.cgi?id=2373020 https://bugzilla.redhat.com/show_bug.cgi?id=2373309 https://bugzilla.redhat.com/show_bug.cgi?id=2379374 https://bugzilla.redhat.com/show_bug.cgi?id=2379386 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48976 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48988 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48989 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52520 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53506 https://errata.almalinux.org/9/ALSA-2025-14181.html https://errata.rockylinux.org/RLSA-2025:14179 https://github.com/apache/tomcat https://github.com/apache/tomcat/commit/2aa6261276ebe50b99276953591e3a2be7898bdb https://github.com/apache/tomcat/commit/2aa6261276ebe50b99276953591e3a2be7898bdb (10.1.43) https://github.com/apache/tomcat/commit/434772930f362145516dd60681134e7f0cf8115b https://github.com/apache/tomcat/commit/434772930f362145516dd60681134e7f0cf8115b (9.0.107) https://github.com/apache/tomcat/commit/be8f330f83ceddaf3baeed57522e571572b6b99b https://github.com/apache/tomcat/commit/be8f330f83ceddaf3baeed57522e571572b6b99b (11.0.9) https://linux.oracle.com/cve/CVE-2025-53506.html https://linux.oracle.com/errata/ELSA-2025-14181.html https://lists.apache.org/thread/p09775q0rd185m6zz98krg0fp45j8kr0 https://lists.debian.org/debian-lts-announce/2025/07/msg00009.html https://nvd.nist.gov/vuln/detail/CVE-2025-53506 https://www.cve.org/CVERecord?id=CVE-2025-53506
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-55752	HIGH	10.1.42	11.0.11, 10.1.45, 9.0.109	http://www.openwall.com/lists/oss-security/2025/10/27/4 https://access.redhat.com/errata/RHSA-2025:23049 https://access.redhat.com/security/cve/CVE-2025-55752 https://bugzilla.redhat.com/2362782 https://bugzilla.redhat.com/2406591 https://bugzilla.redhat.com/show_bug.cgi?id=2362782 https://bugzilla.redhat.com/show_bug.cgi?id=2406591 https://cert-portal.siemens.com/productcert/html/ssa-032379.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-31651 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55752 https://errata.almalinux.org/9/ALSA-2025-23049.html https://errata.rockylinux.org/RLSA-2025:23052 https://github.com/apache/tomcat https://github.com/apache/tomcat/commit/130d36d8492ef9e4eb22952c17c92423cb35fd06 https://github.com/apache/tomcat/commit/130d36d8492ef9e4eb22952c17c92423cb35fd06 (10.1.45) https://github.com/apache/tomcat/commit/b5042622b8b78340ae65403c55dcb9c7416924df https://github.com/apache/tomcat/commit/b5042622b8b78340ae65403c55dcb9c7416924df (9.0.109) https://github.com/apache/tomcat/commit/fec06c610ed7466b401e29cc567a58aee5ed826a https://github.com/apache/tomcat/commit/fec06c610ed7466b401e29cc567a58aee5ed826a (11.0.11) https://linux.oracle.com/cve/CVE-2025-55752.html https://linux.oracle.com/errata/ELSA-2025-23052.html https://lists.apache.org/thread/n05kjcwyj1s45ovs8ll1qrrojhfb1tog https://nvd.nist.gov/vuln/detail/CVE-2025-55752 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.45 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.11 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.109 https://www.cve.org/CVERecord?id=CVE-2025-55752 https://www.vicarius.io/vsociety/posts/cve-2025-55752-detect-apache-tomcat-vulnerability https://www.vicarius.io/vsociety/posts/cve-2025-55752-mitigate-apache-tomcat-vulnerability
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-24734	HIGH	10.1.42	11.0.18, 10.1.52, 9.0.115	https://access.redhat.com/errata/RHSA-2026:19054 https://access.redhat.com/security/cve/CVE-2026-24734 https://bugzilla.redhat.com/2440426 https://errata.almalinux.org/10/ALSA-2026-19054.html https://github.com/apache/tomcat https://lists.apache.org/thread/292dlmx3fz1888v6v16221kpozq56gml https://nvd.nist.gov/vuln/detail/CVE-2026-24734 https://www.cve.org/CVERecord?id=CVE-2026-24734
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-24880	HIGH	10.1.42	9.0.116, 10.1.52, 11.0.20	http://www.openwall.com/lists/oss-security/2026/04/09/20 https://access.redhat.com/security/cve/CVE-2026-24880 https://github.com/apache/tomcat https://github.com/apache/tomcat/commit/1b586d6aa8ae65726da5fa8799427b5d4718478a https://github.com/apache/tomcat/commit/1e71441a15972f56e661b0b549fb9e5d838b83bb https://github.com/apache/tomcat/commit/2cb06c34f661ca42f7570bbcc21e99806184bcc5 https://github.com/apache/tomcat/commit/6d478dbe18b7c4bb671c30fedf130309b0dab77c https://github.com/apache/tomcat/commit/f07df938d00f7419b40fa65aa912966d0efac522 https://github.com/apache/tomcat/commit/fde1a8235fb73125217bd41e162aa0a113f33552 https://lists.apache.org/thread/2c682qnlg2tv4o5knlggqbl9yc2gb5sn https://nvd.nist.gov/vuln/detail/CVE-2026-24880 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.53 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.20 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.116 https://www.cve.org/CVERecord?id=CVE-2026-24880 https://www.herodevs.com/vulnerability-directory/cve-2026-24880
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-34483	HIGH	10.1.42	9.0.116, 10.1.54, 11.0.21	http://www.openwall.com/lists/oss-security/2026/04/09/26 https://access.redhat.com/security/cve/CVE-2026-34483 https://github.com/apache/tomcat https://lists.apache.org/thread/j1w7304yonlr8vo1tkb5nfs7od1y228b https://nvd.nist.gov/vuln/detail/CVE-2026-34483 https://www.cve.org/CVERecord?id=CVE-2026-34483
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-34487	HIGH	10.1.42	9.0.117, 10.1.54, 11.0.21	http://www.openwall.com/lists/oss-security/2026/04/09/28 https://access.redhat.com/security/cve/CVE-2026-34487 https://github.com/apache/tomcat https://lists.apache.org/thread/4xpkwolpkrj8v5xzp5nyovtlqp3y850h https://nvd.nist.gov/vuln/detail/CVE-2026-34487 https://www.cve.org/CVERecord?id=CVE-2026-34487
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-41284	HIGH	10.1.42	9.0.118, 10.1.55, 11.0.22	http://www.openwall.com/lists/oss-security/2026/05/12/12 https://github.com/apache/tomcat https://github.com/apache/tomcat/commit/17dacd9aa48628da2eba37a9ab743c0b6c71685c https://github.com/apache/tomcat/commit/a96fffd18487a29c0a30d36f00cb2b2d91f6d42c https://github.com/apache/tomcat/commit/b3d1c1c239142e806be0b7329d304b94a58913ed https://lists.apache.org/thread/2nvqjr7ovjmvx2vbhb7s61ycd5msc8qc https://nvd.nist.gov/vuln/detail/CVE-2026-41284 https://tomcat.apache.org/security-10.html https://tomcat.apache.org/security-11.html https://tomcat.apache.org/security-9.html https://www.cve.org/CVERecord?id=CVE-2026-41284
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-42498	HIGH	10.1.42	9.0.118, 10.1.55, 11.0.22	http://www.openwall.com/lists/oss-security/2026/05/12/14 https://github.com/apache/tomcat https://github.com/apache/tomcat/commit/169d725788ea6aec217ecac70fe4161c837ba423 https://github.com/apache/tomcat/commit/6cbe274592ef2d11607b5b188e1df649de52f8d5 https://github.com/apache/tomcat/commit/b7b173694d588ddcfa432f079baf763cbbbaa5c4 https://lists.apache.org/thread/n61zwf75jrv09rz90j4jssncm244bwdb https://nvd.nist.gov/vuln/detail/CVE-2026-42498 https://tomcat.apache.org/security-10.html https://tomcat.apache.org/security-11.html https://tomcat.apache.org/security-9.html https://www.cve.org/CVERecord?id=CVE-2026-42498
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-43513	HIGH	10.1.42	9.0.118, 10.1.55, 11.0.22	http://www.openwall.com/lists/oss-security/2026/05/12/9 https://github.com/apache/tomcat https://github.com/apache/tomcat/commit/4a90d3fa93988c447cd5bb7482f76ff70d7f15c2 https://github.com/apache/tomcat/commit/6dd75beb55bd42fc5f78e929596b25018cd17717 https://github.com/apache/tomcat/commit/83f3e51df7b87f5f6e626951c575ded1a512e8ef https://lists.apache.org/thread/ytjcgldshj73lcnd1sh95od5hrghwogp https://nvd.nist.gov/vuln/detail/CVE-2026-43513 https://tomcat.apache.org/security-10.html https://tomcat.apache.org/security-11.html https://tomcat.apache.org/security-9.html https://www.cve.org/CVERecord?id=CVE-2026-43513
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-66614	MEDIUM	10.1.42	11.0.15, 10.1.50, 9.0.113	https://access.redhat.com/security/cve/CVE-2025-66614 https://github.com/apache/tomcat https://github.com/apache/tomcat/commit/152c14885d45f5e0a8b59bd9f93c289cfe20ce30 https://github.com/apache/tomcat/commit/258a591b61f8cf5c22109e21e5a2a38b63454fd2 https://github.com/apache/tomcat/commit/5053fa82a1b2b52756810601227984a8b71888a4 https://github.com/apache/tomcat/commit/9276b5e783c8cd5b3fe2bb716306b65004bdd940 https://github.com/apache/tomcat/commit/972f9a5e2a07674d92610c478aac1b205d60724e https://github.com/apache/tomcat/commit/a4aa74232e826028cd2f7ba0445caf8a8b52c509 https://lists.apache.org/thread/vw6lxtlh2qbqwpb61wd3sv1flm2nttw7 https://nvd.nist.gov/vuln/detail/CVE-2025-66614 https://tomcat.apache.org/security-10.html https://tomcat.apache.org/security-11.html https://tomcat.apache.org/security-9.html https://www.cve.org/CVERecord?id=CVE-2025-66614
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-25854	MEDIUM	10.1.42	9.0.116, 10.1.53, 11.0.20	http://www.openwall.com/lists/oss-security/2026/04/09/21 https://access.redhat.com/security/cve/CVE-2026-25854 https://github.com/apache/tomcat https://lists.apache.org/thread/ghct3b6o74bp2vm7q875s1zh0dqrz3h0 https://nvd.nist.gov/vuln/detail/CVE-2026-25854 https://www.cve.org/CVERecord?id=CVE-2026-25854
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-55754	LOW	10.1.42	11.0.11, 10.1.45, 9.0.109	http://www.openwall.com/lists/oss-security/2025/10/27/5 https://access.redhat.com/security/cve/CVE-2025-55754 https://cert-portal.siemens.com/productcert/html/ssa-032379.html https://github.com/apache/tomcat https://github.com/apache/tomcat/commit/138d7f5cfaae683078948303333c080e6faa75d2 https://github.com/apache/tomcat/commit/138d7f5cfaae683078948303333c080e6faa75d2 (10.1.45) https://github.com/apache/tomcat/commit/5a3db092982c0c58d4855304167ee757fe5e79bb https://github.com/apache/tomcat/commit/5a3db092982c0c58d4855304167ee757fe5e79bb (11.0.11) https://github.com/apache/tomcat/commit/a03cabf3a36a42d27d8d997ed31f034f50ba6cd5 https://github.com/apache/tomcat/commit/a03cabf3a36a42d27d8d997ed31f034f50ba6cd5 (9.0.109) https://lists.apache.org/thread/j7w54hqbkfcn0xb9xy0wnx8w5nymcbqd https://nvd.nist.gov/vuln/detail/CVE-2025-55754 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.45 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.11 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.109 https://www.cve.org/CVERecord?id=CVE-2025-55754
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-61795	LOW	10.1.42	11.0.12, 10.1.47, 9.0.110	http://www.openwall.com/lists/oss-security/2025/10/27/6 https://access.redhat.com/errata/RHSA-2025:23050 https://access.redhat.com/security/cve/CVE-2025-61795 https://bugzilla.redhat.com/2362782 https://bugzilla.redhat.com/2406588 https://bugzilla.redhat.com/2406591 https://bugzilla.redhat.com/show_bug.cgi?id=2362782 https://bugzilla.redhat.com/show_bug.cgi?id=2406588 https://bugzilla.redhat.com/show_bug.cgi?id=2406591 https://cert-portal.siemens.com/productcert/html/ssa-032379.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-31651 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55752 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61795 https://errata.almalinux.org/10/ALSA-2025-23050.html https://errata.rockylinux.org/RLSA-2025:23050 https://github.com/apache/tomcat https://github.com/apache/tomcat/commit/1cdf5f730ede75a0759492f179ac21ca4ff68e06 https://github.com/apache/tomcat/commit/1cdf5f730ede75a0759492f179ac21ca4ff68e06 (11.0.12) https://github.com/apache/tomcat/commit/af6e9181620304c0d818121c29c074e1330610d0 https://github.com/apache/tomcat/commit/af6e9181620304c0d818121c29c074e1330610d0 (10.1.47) https://github.com/apache/tomcat/commit/afa422bd7ca1eef0f507259c682fd876494d9c3b https://github.com/apache/tomcat/commit/afa422bd7ca1eef0f507259c682fd876494d9c3b (9.0.110) https://linux.oracle.com/cve/CVE-2025-61795.html https://linux.oracle.com/errata/ELSA-2025-23050.html https://lists.apache.org/thread/wm9mx8brmx9g4zpywm06ryrtvd3160pp https://nvd.nist.gov/vuln/detail/CVE-2025-61795 https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.47 https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.12 https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.110 https://www.cve.org/CVERecord?id=CVE-2025-61795
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-24733	LOW	10.1.42	11.0.15, 10.1.50, 9.0.113	https://access.redhat.com/security/cve/CVE-2026-24733 https://github.com/apache/tomcat https://github.com/apache/tomcat/commit/2e2fa23f2635bbb819759576a2f2f5e64ecf7c5f https://github.com/apache/tomcat/commit/6c73d74ff281260d74c836370ff6b82f1da8048b https://github.com/apache/tomcat/commit/711b465cf22684a1acf0cb43501cdbbce9b6c5f4 https://lists.apache.org/thread/6xk3t65qpn1myp618krtfotbjn1qt90f https://nvd.nist.gov/vuln/detail/CVE-2026-24733 https://tomcat.apache.org/security-10.html https://tomcat.apache.org/security-11.html https://tomcat.apache.org/security-9.html https://www.cve.org/CVERecord?id=CVE-2026-24733
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-43514	LOW	10.1.42	9.0.118, 10.1.55, 11.0.22	http://www.openwall.com/lists/oss-security/2026/05/12/10 https://github.com/apache/tomcat https://github.com/apache/tomcat/commit/933dcdbf2515972280002929e7e597dead2e9ffa https://github.com/apache/tomcat/commit/a102a2a157868ca51d83eaf5a119ccd9976a113e https://github.com/apache/tomcat/commit/d35d9d23263c8e4af561f615c960c91697ff200e https://lists.apache.org/thread/2k654v5cq123npfsd1b2kk1y30owqb1m https://nvd.nist.gov/vuln/detail/CVE-2026-43514 https://tomcat.apache.org/security-10.html https://tomcat.apache.org/security-11.html https://tomcat.apache.org/security-9.html https://www.cve.org/CVERecord?id=CVE-2026-43514
org.bouncycastle:bcprov-jdk18on	CVE-2026-5598	HIGH	1.78.1	1.84	https://access.redhat.com/security/cve/CVE-2026-5598 https://github.com/bcgit/bc-java https://github.com/bcgit/bc-java/commit/8692e6b2b191fc4aafa32545c7a78bdb9bf110c5 https://github.com/bcgit/bc-java/commit/94abbd56413dfdac651fd878bc60253871ef5e87 https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905598 https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905998 https://github.com/bcgit/bc-java/wiki/CVE-2026-5598 https://nvd.nist.gov/vuln/detail/CVE-2026-5598 https://www.cve.org/CVERecord?id=CVE-2026-5598
org.bouncycastle:bcprov-jdk18on	CVE-2026-0636	MEDIUM	1.78.1	1.84	https://access.redhat.com/security/cve/CVE-2026-0636 https://github.com/bcgit/bc-java https://github.com/bcgit/bc-java/commit/d20cdb8430e09224114fec0179a71859929fcbde https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%900636 https://nvd.nist.gov/vuln/detail/CVE-2026-0636 https://www.cve.org/CVERecord?id=CVE-2026-0636
org.postgresql:postgresql	CVE-2026-42198	HIGH	42.7.7	42.7.11	https://access.redhat.com/security/cve/CVE-2026-42198 https://bugzilla.redhat.com/show_bug.cgi?id=2463857 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42198 https://errata.rockylinux.org/RLSA-2026:22304 https://github.com/pgjdbc/pgjdbc https://github.com/pgjdbc/pgjdbc/releases/tag/REL42.7.11 https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-98qh-xjc8-98pq https://nvd.nist.gov/vuln/detail/CVE-2026-42198 https://www.cve.org/CVERecord?id=CVE-2026-42198
org.springframework.boot:spring-boot	CVE-2026-40973	HIGH	3.4.7	4.0.6, 3.5.14	https://access.redhat.com/security/cve/CVE-2026-40973 https://github.com/spring-projects/spring-boot https://nvd.nist.gov/vuln/detail/CVE-2026-40973 https://spring.io/security/cve-2026-40973 https://www.cve.org/CVERecord?id=CVE-2026-40973
org.springframework.security:spring-security-core	CVE-2026-22751	MEDIUM	6.4.12	6.5.10, 7.0.5	https://access.redhat.com/security/cve/CVE-2026-22751 https://github.com/spring-projects/spring-security https://github.com/spring-projects/spring-security/commit/163772775036c4146815a5266874278c6f45f047 https://github.com/spring-projects/spring-security/commit/4187af38b251fc97fdf9949f7869618111e6e261 https://nvd.nist.gov/vuln/detail/CVE-2026-22751 https://spring.io/security/cve-2026-22751 https://www.cve.org/CVERecord?id=CVE-2026-22751
org.springframework.security:spring-security-core	CVE-2026-22746	LOW	6.4.12	6.5.10, 7.0.5	https://access.redhat.com/security/cve/CVE-2026-22746 https://github.com/spring-projects/spring-security https://nvd.nist.gov/vuln/detail/CVE-2026-22746 https://spring.io/security/cve-2026-22746 https://www.cve.org/CVERecord?id=CVE-2026-22746
org.springframework.security:spring-security-web	CVE-2026-22732	CRITICAL	6.4.12	6.5.9, 7.0.4	https://access.redhat.com/security/cve/CVE-2026-22732 https://github.com/spring-projects/spring-security https://nvd.nist.gov/vuln/detail/CVE-2026-22732 https://spring.io/security/cve-2026-22732 https://www.cve.org/CVERecord?id=CVE-2026-22732
org.springframework:spring-webflux	CVE-2026-22737	MEDIUM	6.2.12	7.0.6, 6.2.17	https://access.redhat.com/security/cve/CVE-2026-22737 https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln/detail/CVE-2026-22737 https://spring.io/security/cve-2026-22737 https://www.cve.org/CVERecord?id=CVE-2026-22737
org.springframework:spring-webflux	CVE-2026-22745	MEDIUM	6.2.12	7.0.7, 6.2.18	https://access.redhat.com/security/cve/CVE-2026-22745 https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L&version=3.1 https://nvd.nist.gov/vuln/detail/CVE-2026-22745 https://spring.io/security/cve-2026-22745 https://www.cve.org/CVERecord?id=CVE-2026-22745
org.springframework:spring-webflux	CVE-2026-22735	LOW	6.2.12	7.0.6, 6.2.17	https://access.redhat.com/security/cve/CVE-2026-22735 https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln/detail/CVE-2026-22735 https://spring.io/security/cve-2026-22735 https://www.cve.org/CVERecord?id=CVE-2026-22735
org.springframework:spring-webflux	CVE-2026-22740	LOW	6.2.12	7.0.7, 6.2.18	https://access.redhat.com/security/cve/CVE-2026-22740 https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H&version=3.1 https://nvd.nist.gov/vuln/detail/CVE-2026-22740 https://spring.io/security/cve-2026-22740 https://www.cve.org/CVERecord?id=CVE-2026-22740
org.springframework:spring-webflux	CVE-2026-22741	LOW	6.2.12	7.0.7, 6.2.18	https://access.redhat.com/security/cve/CVE-2026-22741 https://docs.spring.io/spring-framework/reference/web/webmvc/mvc-config/static-resources.html#page-title https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L&version=3.1 https://nvd.nist.gov/vuln/detail/CVE-2026-22741 https://spring.io/security/cve-2026-22741 https://www.cve.org/CVERecord?id=CVE-2026-22741
org.springframework:spring-webmvc	CVE-2026-22737	MEDIUM	6.2.12	7.0.6, 6.2.17	https://access.redhat.com/security/cve/CVE-2026-22737 https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln/detail/CVE-2026-22737 https://spring.io/security/cve-2026-22737 https://www.cve.org/CVERecord?id=CVE-2026-22737
org.springframework:spring-webmvc	CVE-2026-22745	MEDIUM	6.2.12	7.0.7, 6.2.18	https://access.redhat.com/security/cve/CVE-2026-22745 https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L&version=3.1 https://nvd.nist.gov/vuln/detail/CVE-2026-22745 https://spring.io/security/cve-2026-22745 https://www.cve.org/CVERecord?id=CVE-2026-22745
org.springframework:spring-webmvc	CVE-2026-22735	LOW	6.2.12	7.0.6, 6.2.17	https://access.redhat.com/security/cve/CVE-2026-22735 https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln/detail/CVE-2026-22735 https://spring.io/security/cve-2026-22735 https://www.cve.org/CVERecord?id=CVE-2026-22735
org.springframework:spring-webmvc	CVE-2026-22741	LOW	6.2.12	7.0.7, 6.2.18	https://access.redhat.com/security/cve/CVE-2026-22741 https://docs.spring.io/spring-framework/reference/web/webmvc/mvc-config/static-resources.html#page-title https://github.com/spring-projects/spring-framework https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L&version=3.1 https://nvd.nist.gov/vuln/detail/CVE-2026-22741 https://spring.io/security/cve-2026-22741 https://www.cve.org/CVERecord?id=CVE-2026-22741
No Misconfigurations found