SUSE-SU-2025:4184-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2025/suse-su-20254184-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:4184-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2025:4184-1
Upstream
Related
Published
2025-11-24T07:56:52Z
Modified
2025-11-24T13:49:33.484301Z
Summary
Security update for tomcat
Details

This update for tomcat fixes the following issues:

  • CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled (bsc#1252753)
  • CVE-2025-55754: Fixed improper neutralization of escape, meta, or control sequences vulnerability (bsc#1252905)
  • CVE-2025-61795: Fixed denial of service due to temporary copies during the processing of multipart upload (bsc#1252756)
References

Affected packages