ALSA-2025:7497

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.

Security Fix(es):

• tomcat: Apache Tomcat: Authentication bypass when using Jakarta Authentication API (CVE-2024-52316)
• tomcat: Apache Tomcat: DoS in examples web application (CVE-2024-54677)
• tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.