CVE ID : CVE-2025-53506
Published : July 10, 2025, 8:15 p.m. | 2 hours, 24 minutes ago
Description : Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that reduces the maximum permitted concurrent streams.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106.
Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Source: Read More