Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service. This issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5. Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue.

The version of Tomcat installed on the remote host is prior to 9.0.104. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_9.0.104_security-9 advisory.

  - Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP     priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A     large number of such requests could trigger an OutOfMemoryException resulting in a denial of service. This     issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2     through 11.0.5. Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the     issue. (CVE-2025-31650)

  - Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset     of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some     rewrite rules. If those rewrite rules effectively enforced security constraints, those constraints could     be bypassed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through     10.1.39, from 9.0.0.M1 through 9.0.102. Users are recommended to upgrade to version [FIXED_VERSION], which     fixes the issue. (CVE-2025-31651)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Tomcat installed on the remote host is prior to 10.1.40. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_10.1.40_security-10 advisory.

  - Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP     priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A     large number of such requests could trigger an OutOfMemoryException resulting in a denial of service. This     issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2     through 11.0.5. Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the     issue. (CVE-2025-31650)

  - Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset     of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some     rewrite rules. If those rewrite rules effectively enforced security constraints, those constraints could     be bypassed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through     10.1.39, from 9.0.0.M1 through 9.0.102. Users are recommended to upgrade to version [FIXED_VERSION], which     fixes the issue. (CVE-2025-31651)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Tomcat installed on the remote host is prior to 11.0.6. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_11.0.6_security-11 advisory.

  - Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP     priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A     large number of such requests could trigger an OutOfMemoryException resulting in a denial of service. This     issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2     through 11.0.5. Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the     issue. (CVE-2025-31650)

  - Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset     of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some     rewrite rules. If those rewrite rules effectively enforced security constraints, those constraints could     be bypassed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through     10.1.39, from 9.0.0.M1 through 9.0.102. Users are recommended to upgrade to version [FIXED_VERSION], which     fixes the issue. (CVE-2025-31651)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
235034	Apache Tomcat 9.0.0.M1 < 9.0.104 multiple vulnerabilities	Nessus	Web Servers	high
235033	Apache Tomcat 10.1.0.M1 < 10.1.40 multiple vulnerabilities	Nessus	Web Servers	high
235032	Apache Tomcat 11.0.0.M1 < 11.0.6 multiple vulnerabilities	Nessus	Web Servers	high

Detections

Analytics

CVE-2025-31650

high

Tenable Plugins

high

high

high