Kaspersky Threats — A página que você está procurando não foi encontrada.<br>Mas você pode ver nossas mais recentes vulnerabilidades e ameaças descritas.

Descrição

Multiple vulnerabilities were found in Apache Tomcat. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, execute arbitrary code.

Below is a complete list of vulnerabilities:

Configured cipher preference order not preserved vulnerability in Apache Tomcat can be exploited to obtain sensitive information.
Improper Input Validation vulnerability in Apache Tomcat can be exploited to bypass security restrictions.
Security vulnerability can be exploited to bypass security restrictions.
Padding Oracle vulnerability in Apache Tomcat can be exploited to obtain sensitive information.
Occasional URL redirection to untrusted Site (‘Open Redirect’) vulnerability in Apache Tomcat can be exploited to obtain sensitive information.
Inconsistent Interpretation of HTTP Requests (‘HTTP Request/Response Smuggling’) vulnerability in Apache Tomcat can be exploited to execute arbitrary code.

Comunicados originais

Fixed in Apache Tomcat 9.0.116

Exploração

Public exploits exist for this vulnerability.

Produtos relacionados

Apache-Tomcat

Lista de CVE

CVE-2026-24880
critical
CVE-2026-25854
high
CVE-2026-29129
critical
CVE-2026-29145
critical
CVE-2026-29146
critical
CVE-2026-32990
high

Saiba mais

Descubra as estatísticas das vulnerabilidades que se espalham em sua região statistics.securelist.com

Encontrou uma imprecisão na descrição desta vulnerabilidade? Avise-nos!