FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-07-20 04:36:57 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
ef87346f-5dd0-11f0-beb2-ac5afc632ba3Apache Tomcat -- Multiple Vulnerabilities

security@apache.org reports:

A race condition on connection close could trigger a JVM crash when using the APR/Native connector leading to a DoS. This was particularly noticeable with client initiated closes of HTTP/2 connections.

An uncontrolled resource consumption vulnerability if an HTTP/2 client did not acknowledge the initial settings frame that reduces the maximum permitted concurrent streams could result in a DoS.

For some unlikely configurations of multipart upload, an Integer Overflow vulnerability could lead to a DoS via bypassing of size limits.


Discovery 2025-07-10
Entry 2025-07-10
Modified 2025-07-15
tomcat110
>= 11.0.0 lt 11.0.9

tomcat101
>= 10.1.0 lt 10.1.43

tomcat9
>= 9.0.0 lt 9.0.107

CVE-2025-52434
https://nvd.nist.gov/vuln/detail/CVE-2025-52434
CVE-2025-52520
https://nvd.nist.gov/vuln/detail/CVE-2025-52520
CVE-2025-53506
https://nvd.nist.gov/vuln/detail/CVE-2025-53506