Apache Tomcat
cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*, +1 more
- >= 11.0.0-M1, <= 11.0.10
- >= 10.1.0-M1, <= 10.1.44
- >= 9.0.0.M11, <= 9.0.108
- >= 8.5.6, <= 8.5.100
A relative path traversal vulnerability has been identified in Apache Tomcat versions 11.0.0-M1 prior to 11.0.10, 10.1.0-M1 prior to 10.1.44, and 9.0.0.M11 prior to 9.0.108. This vulnerability arises from a regression introduced by the fix for bug 60013, which normalized rewritten URLs before decoding them. As a result, an attacker could manipulate the request URI to bypass security constraints, particularly those protecting the /WEB-INF/ and /META-INF/ directories. If PUT requests were enabled, this could lead to the upload of malicious files and remote code execution, although it is generally unlikely for PUT requests to be allowed alongside such a URI-manipulating rewrite.
Exploitation of this vulnerability could result in unauthorized access to restricted directories and, if PUT requests are enabled, allow for remote code execution by uploading malicious files.
Users are advised to upgrade to Apache Tomcat 11.0.11 or later, 10.1.45 or later, or 9.0.109 or later.