Apache Tomcat Archives - Security Affairs

Pierluigi Paganini March 17, 2025

Threat actors rapidly exploit new Apache Tomcat flaw following PoC release

Threat actors began exploiting a recently disclosed Apache Tomcat vulnerability immediately after the release of a PoC exploit code. A newly disclosed Apache Tomcat vulnerability, tracked as CVE-2025-24813, is being actively exploited just 30 hours after a public PoC was released. The issue is a path equivalence flaw in Apache Tomcat that allows remote code execution […]

Pierluigi Paganini December 24, 2024

Apache Foundation fixed a severe Tomcat vulnerability

The Apache Software Foundation fixed a Tomcat server software flaw that could lead to remote code execution under certain conditions. The Apache Software Foundation (ASF) addressed an important vulnerability, tracked as CVE-2024-56337, in its Tomcat server software. The researchers warn that exploiting this vulnerability could result in remote code execution under certain conditions. Apache Tomcat […]

Pierluigi Paganini March 03, 2020

Experts warn of mass scans for Apache Tomcat Ghostcat flaw

Experts warn of ongoing scans for Apache Tomcat servers affected by the Ghostcat flaw that could allow attackers to take over servers. Security experts are warning of ongoing scans for Apache Tomcat servers affected by the recently disclosed Ghostcat vulnerability CVE-2020-1938. The flaw affects all versions of Apache Tomcat, it could be exploited by attackers […]

Pierluigi Paganini February 28, 2020

All versions of Apache Tomcat are affected by the Ghostcat flaw

Ghostcat flaw affects all versions of Apache Tomcat and could be exploited by hackers to read configuration files or install backdoors on vulnerable servers. All versions of Apache Tomcat are affected by a vulnerability dubbed Ghostcat that could be exploited by attackers to read configuration files or install backdoors on vulnerable servers. The vulnerability, tracked as […]

Pierluigi Paganini July 25, 2018

Apache Software Foundation fixes important flaws in Apache Tomcat

The Apache Software Foundation has rolled out security updates for the Tomcat application server that address several flaws. The Apache Software Foundation has released security updates for the Tomcat application server that address several vulnerabilities, including issues that trigger a denial-of-service (DoS) condition or can lead to information disclosure. Apache Tomcat is an open-source Java Servlet Container that implements […]

Pierluigi Paganini October 11, 2016

Hurry up,fix the CVE-2016-5425 privilege escalation flaw in Apache Tomcat

The security research Dawid Golunski reported a Root Privilege Escalation in the Apache Tomcat (RedHat-based distros) tracked as CVE-2016-5425. Apache Tomcat packages provided by default repositories of RedHat-based distributions (i.e. CentOS, RedHat, OracleLinux, Fedora, etc.) create a tmpfiles.d configuration file with insecure permissions. The configuration file /usr/lib/tmpfiles.d/tomcat.conf could be modified by a member of the tomcat group or by a malicious […]

Apache Tomcat

Threat actors rapidly exploit new Apache Tomcat flaw following PoC release

Apache Foundation fixed a severe Tomcat vulnerability

Experts warn of mass scans for Apache Tomcat Ghostcat flaw

All versions of Apache Tomcat are affected by the Ghostcat flaw

Apache Software Foundation fixes important flaws in Apache Tomcat

Hurry up,fix the CVE-2016-5425 privilege escalation flaw in Apache Tomcat

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

SonicWall warns customers to reset credentials after MySonicWall backups were exposed

CVE-2025-10585 is the sixth actively exploited Chrome zero-day patched by Google in 2025

Jaguar Land Rover will extend its production halt into a third week following a cyberattack

China-linked APT41 targets government, think tanks, and academics tied to US-China trade and policy

Microsoft and Cloudflare teamed up to dismantle the RaccoonO365 phishing service

QUICK LINKS

Apache Tomcat

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!