Vulnerabilities > Apache > Tomcat > 9.0.99

DATE CVE VULNERABILITY TITLE RISK
2025-04-28 CVE-2025-31650 Incomplete Cleanup vulnerability in Apache Tomcat
Improper Input Validation vulnerability in Apache Tomcat.
network
low complexity
apache CWE-459
7.5
7.5
2025-04-28 CVE-2025-31651 Improper Encoding or Escaping of Output vulnerability in Apache Tomcat
Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some rewrite rules.
network
low complexity
apache CWE-116
critical
 9.8
9.8