Apache Tomcat Vulnerability Security Update Advisory (CVE-2025-48989)

Aug 14 2025

Overview

Apache Tomcat(https://tomcat.apache.org/) has released a security update that addresses a vulnerability in its shipped products. Users of affected products are advised to update to the latest version.

Affected Products

Apache Tomcat 9.0.0.M1 – 9.0.107

Apache Tomcat 11.0.0-M1 – 11.0.9

Apache Tomcat 10.1.0-M1 – 10.1.43

Resolved Vulnerabilities

Denial of Service Attack Vulnerability in Apache Tomcat (CVE-2025-48989, CVSS 7.5)

Vulnerability Patches

Please follow the security advisory published on August 13, 2025 to update to the applicable version and the latest version.

Apache Tomcat 9.0.108

Apache Tomcat 11.0.10

Apache Tomcat 10.1.44

Referenced Sites

[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48989

[2] https://tomcat.apache.org/security

Apache Tomcat Vulnerability Security Update Advisory (CVE-2025-48989)

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Ivanti Product Security Update Advisory

Google Chrome Browser (139.0.7258.127/.128) Security Update Advisory

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Tags:

Ivanti Product Security Update Advisory

Google Chrome Browser (139.0.7258.127/.128) Security Update Advisory