  1. RHEL
  2. RHEL-126222

Please backport upstream fix for CVE-2025-55752 [c9s]


    • Bug
    • Resolution: Unresolved
    • CentOS Stream 9
    • tomcat
    • rhel-sst-middleware

      What were you trying to do that didn't work?

      I'd like to request a backport of the upstream fix for CVE-2025-55752 (https://github.com/apache/tomcat/commit/fec06c610ed7466b401e29cc567a58aee5ed826a) as it can potentially lead to RCE.

      What is the impact of this issue to you?

      https://access.redhat.com/security/cve/cve-2025-55752 impacts the tomcat package in CentOS Stream 9

      Please provide the package NVR for which the bug is seen:

      tomcat-9.0.87-6.el9

      How reproducible is this bug?:

      always

              akrajcik@redhat.com Adam Krajcik
              dcavalca Davide Cavalca
              Adam Krajcik Adam Krajcik
              Matus Madzin Matus Madzin