Apache Tomcat December Vulnerability Security Update Advisory

Dec 18 2024

Overview

Apache Tomcat(https://tomcat.apache.org/) has released a security update that addresses a vulnerability in its shipped products. Users of affected products are advised to update to the latest version.

Affected Products

Apache Tomcat 9.0.0.M1 – 9.0.97

Apache Tomcat 11.0.0-M1 – 11.0.1

Apache Tomcat 10.1.0-M1 – 10.1.33

Resolved Vulnerabilities

Denial of Service Attack Vulnerability in Apache Tomcat (CVE-2024-54677, CVSS 5.3)

Remote code execution vulnerability in Apache Tomcat (CVE-2024-50379, CVSS 9.8)

Vulnerability Patches

Please follow the security advisory published on December 17, 2024 to update to the applicable version and the latest version.

Apache Tomcat 9.0.98

Apache Tomcat 11.0.2

Apache Tomcat 10.1.34

Referenced Sites

[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50379

[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54677

[3] https://tomcat.apache.org/security

Apache Tomcat December Vulnerability Security Update Advisory

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

IBM Product Security Update Advisory

Cleo Product Security Update Advisory (CVE-2024-55956)

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Tags:

IBM Product Security Update Advisory

Cleo Product Security Update Advisory (CVE-2024-55956)