CVE-2022-25762 is a high-severity vulnerability that affects Apache Tomcat versions 8.5.0 to 8.5.75 and 9.0.0.M1 to 9.0.20. If a web application sends a WebSocket message concurrently with the WebSocket connection closing, the application can continue to use the socket after it has been closed, resulting in data being returned to the wrong user and/or other errors.
The severity of this vulnerability is highlighted by a CVSS score of 8.6, indicating high risk. Organizations running affected versions of Apache Tomcat are at risk of data integrity issues, which could have severe implications for operational and data security.
As of now, there are no known exploits in the wild, but the potential for abuse exists given the nature of the vulnerability. Organizations should prioritize patching immediately to mitigate the risks associated with this vulnerability.
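To support patch prioritization, the following added example (not part of the original advisory or of Apache Tomcat) checks version strings against the affected ranges stated above, including milestone builds such as 9.0.0.M1. The host names and banner strings in the sample inventory are constructed for illustration.

```python
import re

# Affected ranges as stated on this page (both ends inclusive).
AFFECTED = [("8.5.0", "8.5.75"), ("9.0.0.M1", "9.0.20")]

# Matches "9.0.20", "9.0.0.M1" and "10.0.0-M1", bare or inside a banner.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:[.-]M(\d+))?")


def parse_version(text):
    """Return a sortable key for a Tomcat version string, or None.

    Milestone builds (M1, M2, ...) sort before the final release
    that carries the same major.minor.patch number.
    """
    m = _VERSION_RE.search(text)
    if not m:
        return None
    major, minor, patch = (int(m.group(i)) for i in (1, 2, 3))
    if m.group(4) is not None:
        return (major, minor, patch, 0, int(m.group(4)))
    return (major, minor, patch, 1, 0)


def is_affected(text):
    """True if the version in `text` falls inside an affected range."""
    key = parse_version(text)
    if key is None:
        raise ValueError(f"no Tomcat version found in {text!r}")
    return any(parse_version(lo) <= key <= parse_version(hi)
               for lo, hi in AFFECTED)


def triage(inventory):
    """Split (host, banner) pairs into affected / not_affected / unknown."""
    report = {"affected": [], "not_affected": [], "unknown": []}
    for host, banner in inventory:
        if parse_version(banner) is None:
            report["unknown"].append(host)  # needs manual review
        elif is_affected(banner):
            report["affected"].append(host)
        else:
            report["not_affected"].append(host)
    return report


# Constructed sample inventory (hypothetical hosts and banners).
SAMPLE = [("app-a", "Apache Tomcat/8.5.75"), ("app-b", "Apache Tomcat/8.5.76"),
          ("app-c", "Apache Tomcat/9.0.0.M1"), ("app-d", "Apache Tomcat/9.0.21"),
          ("app-e", "Apache Tomcat")]
```

Hosts that land in `unknown` expose no version in the banner and need to be checked directly on the server.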
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.