Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred (including exceeding limits) during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage collection process to delete. Depending on JVM settings, application memory usage and application load, it was possible that space for the temporary copies of uploaded parts would be filled faster than GC cleared it, leading to a DoS. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.11, from 10.1.0-M1 through 10.1.46, from 9.0.0.M1 through 9.0.109. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.12 or later, 10.1.47 or later or 9.0.110 or later which fixes the issue.

opensuse openSUSE-SU-2025-20106-1: openSUSE 16 : Security update for tomcat11 (Important) (openSUSE-SU-2025-20106-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4184-1 advisory.

    - CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled (bsc#1252753)
    - CVE-2025-55754: Fixed improper neutralization of escape, meta, or control sequences vulnerability     (bsc#1252905)
    - CVE-2025-61795: Fixed denial of service due to temporary copies during the processing of multipart     upload (bsc#1252756)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4159-1 advisory.

    Update to Tomcat 9.0.111:

      - CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT           is enabled (bsc#1252753)
      - CVE-2025-55754: Fixed improper neutralization of escape, meta, or control           sequences vulnerability (bsc#1252905)
      - CVE-2025-61795: Fixed denial of service due to temporary copies during           the processing of multipart upload (bsc#1252756)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4103-1 advisory.

    Update to Tomcat 10.1.48

     - CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT           is enabled (bsc#1252753)
      - CVE-2025-55754: Fixed improper neutralization of escape, meta, or control           sequences vulnerability (bsc#1252905)
      - CVE-2025-61795: Fixed denial of service due to temporary copies during           the processing of multipart upload (bsc#1252756)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4086-1 advisory.

    Update to Tomcat 11.0.13

     - CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT           is enabled (bsc#1252753)
      - CVE-2025-55754: Fixed improper neutralization of escape, meta, or control           sequences vulnerability (bsc#1252905)
      - CVE-2025-61795: Fixed denial of service due to temporary copies during           the processing of multipart upload (bsc#1252756)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1281 advisory.

    Relative Path Traversal vulnerability in Apache Tomcat.

    The fix for bug 60013 introduced a regression where the       rewritten URL was normalized before it was     decoded. This introduced the       possibility that, for rewrite rules that rewrite query parameters to     the       URL, an attacker could manipulate the request URI to bypass security       constraints including     the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could     be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is     considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the     URI.



    This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from     9.0.0.M11 through 9.0.108.

    The following versions were EOL at the time the CVE was created but areknown to be affected: 8.5.6 though     8.5.100. Other, older, EOL versions may also be affected.Users are recommended to upgrade to version     11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue. (CVE-2025-55752)

    Improper Resource Shutdown or Release vulnerability in Apache Tomcat.

    If an error occurred (including exceeding limits) during the processing of a multipart upload, temporary     copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage     collection process to delete. Depending on JVM settings, application memory usage and application load, it     was possible that space for the temporary copies of uploaded parts would be filled faster than GC cleared     it, leading to a DoS.



    This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.11, from 10.1.0-M1 through 10.1.46, from     9.0.0.M1 through 9.0.109.

    The following versions were EOL at the time the CVE was created but areknown to be affected: 8.5.0 though     8.5.100. Other, older, EOL versions may also be affected.Users are recommended to upgrade to version     11.0.12 or later, 10.1.47 or later or 9.0.110 or later which fixes the issue. (CVE-2025-61795)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1280 advisory.

    Relative Path Traversal vulnerability in Apache Tomcat.

    The fix for bug 60013 introduced a regression where the       rewritten URL was normalized before it was     decoded. This introduced the       possibility that, for rewrite rules that rewrite query parameters to     the       URL, an attacker could manipulate the request URI to bypass security       constraints including     the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could     be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is     considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the     URI.



    This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from     9.0.0.M11 through 9.0.108.

    The following versions were EOL at the time the CVE was created but areknown to be affected: 8.5.6 though     8.5.100. Other, older, EOL versions may also be affected.Users are recommended to upgrade to version     11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue. (CVE-2025-55752)

    Improper Resource Shutdown or Release vulnerability in Apache Tomcat.

    If an error occurred (including exceeding limits) during the processing of a multipart upload, temporary     copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage     collection process to delete. Depending on JVM settings, application memory usage and application load, it     was possible that space for the temporary copies of uploaded parts would be filled faster than GC cleared     it, leading to a DoS.



    This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.11, from 10.1.0-M1 through 10.1.46, from     9.0.0.M1 through 9.0.109.

    The following versions were EOL at the time the CVE was created but areknown to be affected: 8.5.0 though     8.5.100. Other, older, EOL versions may also be affected.Users are recommended to upgrade to version     11.0.12 or later, 10.1.47 or later or 9.0.110 or later which fixes the issue. (CVE-2025-61795)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of tomcat installed on the remote host is prior to 7.0.76-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3067 advisory.

    Improper Resource Shutdown or Release vulnerability in Apache Tomcat.

    If an error occurred (including exceeding limits) during the processing of a multipart upload, temporary     copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage     collection process to delete. Depending on JVM settings, application memory usage and application load, it     was possible that space for the temporary copies of uploaded parts would be filled faster than GC cleared     it, leading to a DoS.



    This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.11, from 10.1.0-M1 through 10.1.46, from     9.0.0.M1 through 9.0.109.

    The following versions were EOL at the time the CVE was created but areknown to be affected: 8.5.0 though     8.5.100. Other, older, EOL versions may also be affected.Users are recommended to upgrade to version     11.0.12 or later, 10.1.47 or later or 9.0.110 or later which fixes the issue. (CVE-2025-61795)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of tomcat installed on the remote host is prior to 9.0.110-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2TOMCAT9-2025-023 advisory.

    Relative Path Traversal vulnerability in Apache Tomcat.

    The fix for bug 60013 introduced a regression where the       rewritten URL was normalized before it was     decoded. This introduced the       possibility that, for rewrite rules that rewrite query parameters to     the       URL, an attacker could manipulate the request URI to bypass security       constraints including     the protection for /WEB-INF/ and /META-INF/. If PUT requests were also enabled then malicious files could     be uploaded leading to remote code execution. PUT requests are normally limited to trusted users and it is     considered unlikely that PUT requests would be enabled in conjunction with a rewrite that manipulated the     URI.



    This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.10, from 10.1.0-M1 through 10.1.44, from     9.0.0.M11 through 9.0.108.

    The following versions were EOL at the time the CVE was created but areknown to be affected: 8.5.6 though     8.5.100. Other, older, EOL versions may also be affected.Users are recommended to upgrade to version     11.0.11 or later, 10.1.45 or later or 9.0.109 or later, which fix the issue. (CVE-2025-55752)

    Improper Resource Shutdown or Release vulnerability in Apache Tomcat.

    If an error occurred (including exceeding limits) during the processing of a multipart upload, temporary     copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage     collection process to delete. Depending on JVM settings, application memory usage and application load, it     was possible that space for the temporary copies of uploaded parts would be filled faster than GC cleared     it, leading to a DoS.



    This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.11, from 10.1.0-M1 through 10.1.46, from     9.0.0.M1 through 9.0.109.

    The following versions were EOL at the time the CVE was created but areknown to be affected: 8.5.0 though     8.5.100. Other, older, EOL versions may also be affected.Users are recommended to upgrade to version     11.0.12 or later, 10.1.47 or later or 9.0.110 or later which fixes the issue. (CVE-2025-61795)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Apache Tomcat installed on the remote host is 9.0.0-M1 prior to 9.0.110, 10.1.0-M1 prior to 10.1.47 or 11.0.0-M1 prior to 11.0.12. It is, therefore, affected by a denial of service vulnerability due to delayed cleaning of multipart upload temporary files.

Note that the scanner has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred (including     exceeding limits) during the processing of a multipart upload, temporary copies of the uploaded parts     written to disc were not cleaned up immediately but left for the garbage collection process to delete.
    Depending on JVM settings, application memory usage and application load, it was possible that space for     the temporary copies of uploaded parts would be filled faster than GC cleared it, leading to a DoS. This     issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.11, from 10.1.0-M1 through 10.1.46, from 9.0.0.M1     through 9.0.109. The following versions were EOL at the time the CVE was created but are known to be     affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to     upgrade to version 11.0.12 or later, 10.1.47 or later or 9.0.110 or later which fixes the issue.
    (CVE-2025-61795)

Note that Nessus relies on the presence of the package as reported by the vendor.

The version of Tomcat installed on the remote host is prior to 11.0.12. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_11.0.12_security-11 advisory.

  - Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred (including     exceeding limits) during the processing of a multipart upload, temporary copies of the uploaded parts     written to disc were not cleaned up immediately but left for the garbage collection process to delete.
    Depending on JVM settings, application memory usage and application load, it was possible that space for     the temporary copies of uploaded parts would be filled faster than GC cleared it, leading to a DoS. This     issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.11, from 10.1.0-M1 through 10.1.46, from 9.0.0.M1     through 9.0.109. The following versions were EOL at the time the CVE was created but are known to be     affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to     upgrade to version 11.0.12 or later, 10.1.47 or later or 9.0.110 or later which fixes the issue.
    (CVE-2025-61795)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Tomcat installed on the remote host is prior to 10.1.47. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_10.1.47_security-10 advisory.

  - Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred (including     exceeding limits) during the processing of a multipart upload, temporary copies of the uploaded parts     written to disc were not cleaned up immediately but left for the garbage collection process to delete.
    Depending on JVM settings, application memory usage and application load, it was possible that space for     the temporary copies of uploaded parts would be filled faster than GC cleared it, leading to a DoS. This     issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.11, from 10.1.0-M1 through 10.1.46, from 9.0.0.M1     through 9.0.109. The following versions were EOL at the time the CVE was created but are known to be     affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to     upgrade to version 11.0.12 or later, 10.1.47 or later or 9.0.110 or later which fixes the issue.
    (CVE-2025-61795)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Tomcat installed on the remote host is prior to 9.0.110. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_9.0.110_security-9 advisory.

  - Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred (including     exceeding limits) during the processing of a multipart upload, temporary copies of the uploaded parts     written to disc were not cleaned up immediately but left for the garbage collection process to delete.
    Depending on JVM settings, application memory usage and application load, it was possible that space for     the temporary copies of uploaded parts would be filled faster than GC cleared it, leading to a DoS. This     issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.11, from 10.1.0-M1 through 10.1.46, from 9.0.0.M1     through 9.0.109. The following versions were EOL at the time the CVE was created but are known to be     affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to     upgrade to version 11.0.12 or later, 10.1.47 or later or 9.0.110 or later which fixes the issue.
    (CVE-2025-61795)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
276912	SUSE SLES12 Security Update : tomcat (SUSE-SU-2025:4184-1)	Nessus	SuSE Local Security Checks	high
276528	SUSE SLES15 / openSUSE 15 Security Update : tomcat (SUSE-SU-2025:4159-1)	Nessus	SuSE Local Security Checks	high
275491	SUSE SLES15 / openSUSE 15 Security Update : tomcat10 (SUSE-SU-2025:4103-1)	Nessus	SuSE Local Security Checks	high
275272	SUSE SLES15 / openSUSE 15 Security Update : tomcat11 (SUSE-SU-2025:4086-1)	Nessus	SuSE Local Security Checks	high
274699	Amazon Linux 2023 : tomcat9, tomcat9-admin-webapps, tomcat9-el-3.0-api (ALAS2023-2025-1281)	Nessus	Amazon Linux Local Security Checks	high
274659	Amazon Linux 2023 : tomcat10, tomcat10-admin-webapps, tomcat10-el-5.0-api (ALAS2023-2025-1280)	Nessus	Amazon Linux Local Security Checks	high
274653	Amazon Linux 2 : tomcat, --advisory ALAS2-2025-3067 (ALAS-2025-3067)	Nessus	Amazon Linux Local Security Checks	medium
274634	Amazon Linux 2 : tomcat, --advisory ALAS2TOMCAT9-2025-023 (ALASTOMCAT9-2025-023)	Nessus	Amazon Linux Local Security Checks	high
115023	Apache Tomcat 9.0.0-M1 < 9.0.110 Denial of Service	Web App Scanning	Component Vulnerability	medium
115022	Apache Tomcat 10.1.0-M1 < 10.1.47 Denial of Service	Web App Scanning	Component Vulnerability	medium
115021	Apache Tomcat 11.0.0-M1 < 11.0.12 Denial of Service	Web App Scanning	Component Vulnerability	medium
271822	Linux Distros Unpatched Vulnerability : CVE-2025-61795	Nessus	Misc.	medium
271696	Apache Tomcat 11.0.0.M1 < 11.0.12	Nessus	Web Servers	high
271695	Apache Tomcat 10.1.0.M1 < 10.1.47	Nessus	Web Servers	high
271694	Apache Tomcat 9.0.0.M1 < 9.0.110	Nessus	Web Servers	high

Detections

Analytics

CVE-2025-61795

medium

Tenable Plugins

Coming Soon

high

high

high

high

high

high

medium

high

medium

medium

medium

medium

high

high

high