Description:
Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
Security Fix(es):
* tomcat: Apache Tomcat: Authentication bypass when using Jakarta Authentication API (CVE-2024-52316)
* tomcat: Apache Tomcat: DoS in examples web application (CVE-2024-54677)
* tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT (CVE-2025-24813)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture |
Package |
Checksum |
noarch |
tomcat-webapps-10.1.36-1.el10_0.noarch.rpm |
682605cafa9b7e186e4df4817f9a73e5a5cdeee241b4d37a6c2a05931ec063c9 |
noarch |
tomcat-lib-10.1.36-1.el10_0.noarch.rpm |
7f26a0dd4e3b27353200bb5fceb97a24589de854d2b6487703652a54fc2762a8 |
noarch |
tomcat-admin-webapps-10.1.36-1.el10_0.noarch.rpm |
81fb1786c342a295dc1658ad036603afc58f45207b9f8fa70331434990e2547a |
noarch |
tomcat-el-5.0-api-10.1.36-1.el10_0.noarch.rpm |
9a1faab42410519a576de15d8fd0e7ee811e637bc4ef7a9680696cffe37d0a2e |
noarch |
tomcat-docs-webapp-10.1.36-1.el10_0.noarch.rpm |
aa2e8940747c61d410b95fa290e739d92f12bb8355f75cbc728b7fe0bc07a37a |
noarch |
tomcat-servlet-6.0-api-10.1.36-1.el10_0.noarch.rpm |
b061109bc255ff0bcf7fb962103896ed71afbbf5354f445fec6dabd962cafb9f |
noarch |
tomcat-10.1.36-1.el10_0.noarch.rpm |
c537f204e675fb99f007abe17e83de5cdfff94e2aa39ac4c96218794a1c9487f |
noarch |
tomcat-jsp-3.1-api-10.1.36-1.el10_0.noarch.rpm |
d274238c3adfe7b418bfaa6b5f9c672bb2116e388e0804063bb76ef5b75507b7 |