A recently disclosed security flaw impacting Apache Tomcat has come under active exploitation in the wild following the release of a public proof-of-concept (PoC) a mere 30 hours after public disclosure. The vulnerability, tracked as CVE-2025-24813, affects the following versions:

Apache Tomcat 11.0.0-M1 to 11.0.2
Apache Tomcat 10.1.0-M1 to 10.1.34
Apache Tomcat 9.0.0-M1 to 9.0.98

It concerns a

  • drkt@lemmy.dbzer0.com
    22 hours ago

    I wonder if that has anything to do with the Tomcat test pages that have been showing up on my honeypot.