CVE-2025-31651 is a critical vulnerability in Apache Tomcat with a CVSS score of 9.8. This vulnerability allows for a bypass of security constraints due to improper neutralization of escape, meta, or control sequences. Specifically, under a subset of unlikely rewrite rule configurations, attackers can exploit this flaw by sending specially crafted requests to the server. The consequences of this vulnerability can be severe, as it compromises the integrity and confidentiality of the affected systems.
Organizations using Apache Tomcat should be aware that this vulnerability affects versions from 11.0.0-M1 through 11.0.5, 10.1.0-M1 through 10.1.39, and 9.0.0.M1 through 9.0.102. It is also known to affect older versions, including those that have reached end-of-life. Given the critical nature of this vulnerability and its potential to be exploited, it is imperative that organizations prioritize patching immediately.
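A practical first step for the patching work described above is to determine, from an inventory of Tomcat instances, which ones fall inside the affected ranges. The following is an added example written for this page, not code from the advisory or from the Apache Tomcat project; it encodes the version ranges exactly as stated above and assumes that milestone builds (written either `9.0.0.M1` or `11.0.0-M1`) sort before the final release of the same `x.y.z`, which is how Tomcat numbers its pre-releases. Branches not listed in the advisory that are older than the listed ones are flagged as affected, following the statement that older and end-of-life versions are also affected.

```python
"""Affected-version check for CVE-2025-31651 (Apache Tomcat).

Added example for this advisory page; not part of the Tomcat project.
The inclusive version ranges are copied from the advisory text.
Milestone ordering (M1 < M2 < ... < final release) is an assumption
about Tomcat's numbering scheme.
"""
import re
from typing import Optional, Tuple

# Inclusive affected ranges as stated in the advisory.
AFFECTED_RANGES = [
    ("11.0.0-M1", "11.0.5"),
    ("10.1.0-M1", "10.1.39"),
    ("9.0.0.M1", "9.0.102"),
]

# Accepts "9.0.102", "9.0.0.M1" (older style) and "11.0.0-M1".
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:[.-]M(\d+))?$")


def parse_version(text: str) -> Tuple[int, int, int, int, int]:
    """Turn a Tomcat version string into a sortable tuple.

    The fourth field is 0 for milestones and 1 for final releases, so
    9.0.0.M1 -> (9, 0, 0, 0, 1) sorts before 9.0.0 -> (9, 0, 0, 1, 0).
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Tomcat version: {text!r}")
    major, minor, patch, milestone = m.groups()
    if milestone is None:
        return (int(major), int(minor), int(patch), 1, 0)
    return (int(major), int(minor), int(patch), 0, int(milestone))


def affected_range(version: str) -> Optional[str]:
    """Return the advisory range 'lo..hi' that contains version, else None."""
    v = parse_version(version)
    for lo, hi in AFFECTED_RANGES:
        if parse_version(lo) <= v <= parse_version(hi):
            return f"{lo}..{hi}"
    return None


def is_affected(version: str) -> bool:
    """True if the version lies inside one of the listed ranges."""
    return affected_range(version) is not None


def assess(version: str) -> str:
    """Classify a version for triage.

    - inside a listed range            -> "affected"
    - same branch, above the range top -> "fixed"
    - unlisted branch older than the
      newest listed one (e.g. 8.5.x)   -> "affected (end-of-life or unlisted branch)"
    - anything newer than all ranges   -> "not covered by advisory"
    """
    v = parse_version(version)
    branch = v[:2]  # (major, minor) identifies the Tomcat branch
    for lo, hi in AFFECTED_RANGES:
        lo_t, hi_t = parse_version(lo), parse_version(hi)
        if lo_t[:2] == branch:
            return "affected" if v <= hi_t else "fixed"
    newest_start = max(parse_version(lo) for lo, _ in AFFECTED_RANGES)
    if v < newest_start:
        return "affected (end-of-life or unlisted branch)"
    return "not covered by advisory"


if __name__ == "__main__":
    # Constructed sample inventory (hostnames and versions are made up).
    inventory = {
        "app-01": "9.0.102",
        "app-02": "9.0.103",
        "app-03": "10.1.12",
        "app-04": "11.0.0-M3",
        "legacy-01": "8.5.100",
    }
    for host, ver in inventory.items():
        print(f"{host:10} {ver:12} {assess(ver)}")
```

Feeding the script an exported inventory (instead of the constructed dictionary in `__main__`) gives a prioritised patch list; versions reported as `fixed` are at or above the first release after each listed range, which is where the advisory's affected ranges end.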
With a public proof of concept already confirmed on GitHub, organizations must remain vigilant in their defenses. The potential for exploitation is high, which underlines the need for timely remediation and enhanced security measures.
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.