Threats Tagged 'cve-2025-55752'

Red Hat JBoss Web Server 6. 1. 3 includes important security fixes addressing multiple vulnerabilities in Apache Tomcat components. These include a directory traversal vulnerability with possible remote code execution (CVE-2025-55752), a denial of service vulnerability (CVE-2025-61795), and a bypass of rules in the Rewrite Valve (CVE-2025-31651). The update replaces version 6. 1. 2 and is available for Red Hat Enterprise Linux 8, 9, and 10. The advisory rates the security impact as Important. Users should apply this update to remediate the identified issues.

Red Hat JBoss Web Server 6. 1. 3 addresses multiple security vulnerabilities in Apache Tomcat components, including a directory traversal vulnerability with potential remote code execution (CVE-2025-55752), a denial of service issue (CVE-2025-61795), and a bypass of rules in the Rewrite Valve (CVE-2025-31651). These issues are fixed in this release, which replaces version 6. 1. 2. The update is rated as important by Red Hat Product Security.

Red Hat JBoss Web Server 5. 8. 6 includes important security fixes addressing multiple vulnerabilities in Apache Tomcat components. These include a denial-of-service attack via HTTP/2 control frames (CVE-2025-48989), a bypass of rules in the Rewrite Valve (CVE-2025-31651), and a directory traversal vulnerability with possible remote code execution (CVE-2025-55752). The update replaces version 5. 8. 5 and is rated with an Important security impact by Red Hat. Users should apply this update to mitigate these issues.

Red Hat JBoss Web Server 5. 8. 6 includes important security fixes addressing multiple vulnerabilities in Apache Tomcat components. These include a denial-of-service attack via HTTP/2 control frames (CVE-2025-48989), a bypass of rules in the Rewrite Valve (CVE-2025-31651), and a directory traversal vulnerability via rewrite that may lead to remote code execution (CVE-2025-55752). The update replaces version 5. 8. 5 and is available for Red Hat Enterprise Linux 7, 8, and 9. The advisory rates the security impact as Important and provides updated packages to remediate these issues.

Two security vulnerabilities have been identified in Apache Tomcat as packaged for Red Hat Enterprise Linux 9. 6 Extended Update Support. The first vulnerability (CVE-2025-31651) involves a bypass of rules in the Rewrite Valve component. The second vulnerability (CVE-2025-55752) involves a directory traversal via rewrite with possible remote code execution. Red Hat has released updated Tomcat packages to address these issues. The update is rated as having an Important security impact by Red Hat Product Security.

Two security vulnerabilities have been identified in Apache Tomcat as packaged by Red Hat Enterprise Linux 8. 8. The first (CVE-2025-31651) involves a bypass of rules in the Rewrite Valve component. The second (CVE-2025-55752) involves a directory traversal vulnerability via rewrite rules that could potentially lead to remote code execution. Red Hat has issued a security advisory and released updated Tomcat packages to address these issues.

Red Hat has issued a security advisory for Apache Tomcat addressing two vulnerabilities: a bypass of rules in the Rewrite Valve (CVE-2025-31651) and a directory traversal via rewrite with possible remote code execution (CVE-2025-55752). These issues affect Red Hat Enterprise Linux 9. 2 and related packages. The advisory rates the impact as Important and provides updated packages to remediate the vulnerabilities.

Two security vulnerabilities have been identified in Apache Tomcat as packaged in Red Hat Enterprise Linux 9. 4 Extended Update Support. The first vulnerability (CVE-2025-31651) involves a bypass of rules in the Rewrite Valve component. The second vulnerability (CVE-2025-55752) concerns a directory traversal issue via rewrite functionality that could potentially lead to remote code execution. Red Hat has issued security updates addressing these issues in Tomcat version 9. 0. 87-1. el9_4. 7. The update is rated as having an Important security impact by Red Hat Product Security.

Two security vulnerabilities have been identified in Apache Tomcat as packaged by Red Hat Enterprise Linux 8. These include a bypass of rules in the Rewrite Valve (CVE-2025-31651) and a directory traversal vulnerability via rewrite that may allow remote code execution (CVE-2025-55752). Red Hat has issued an important security update to address these issues in Tomcat version 9. 0. 87-1. el8_10. 7. The update is available for multiple architectures including x86_64, s390x, ppc64le, and aarch64. Users of affected Red Hat Enterprise Linux 8 versions should apply the update to mitigate these vulnerabilities.

Two security vulnerabilities affecting Apache Tomcat in Red Hat Enterprise Linux 9 have been addressed. The first (CVE-2025-31651) involves a bypass of rules in the Rewrite Valve. The second (CVE-2025-55752) involves a directory traversal vulnerability via rewrite that could potentially lead to remote code execution. Red Hat has released updated packages to fix these issues in Tomcat version 9. 0. 87-6. el9_7. 1 for multiple architectures. The update is rated as having an Important security impact by Red Hat Product Security.