CVE-2025-31650

Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service. This issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5. Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://lists.apache.org/thread/j6zzk0y3yym9pzfzkq5vcyxzz0yzh826	Mailing List Vendor Advisory
http://www.openwall.com/lists/oss-security/2025/04/28/2	Mailing List Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apache:tomcat::::::::
	cpe:2.3:a:apache:tomcat::::::::
	cpe:2.3:a:apache:tomcat::::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone10::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone11::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone12::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone13::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone14::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone15::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone16::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone17::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone18::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone19::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone2::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone20::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone21::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone22::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone23::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone24::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone25::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone3::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone4::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone5::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone6::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone7::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone8::::::
	cpe:2.3:a:apache:tomcat:11.0.0:milestone9::::::

History

06 May 2025, 14:15

Type	Values Removed	Values Added
CWE	~~CWE-20~~

05 May 2025, 20:12

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5
First Time		Apache Apache tomcat
CWE		CWE-459
References	~~() https://lists.apache.org/thread/j6zzk0y3yym9pzfzkq5vcyxzz0yzh826 -~~	() https://lists.apache.org/thread/j6zzk0y3yym9pzfzkq5vcyxzz0yzh826 - Mailing List, Vendor Advisory
References	~~() http://www.openwall.com/lists/oss-security/2025/04/28/2 -~~	() http://www.openwall.com/lists/oss-security/2025/04/28/2 - Mailing List, Third Party Advisory
CPE		cpe:2.3:a:apache:tomcat:11.0.0:milestone11:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone9:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone5:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone24:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone15:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone6:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone19:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone13:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone18:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone7:::::: cpe:2.3:a:apache:tomcat:::::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone25:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone4:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone2:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone16:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone10:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone21:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone23:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone3:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone12:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone22:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone17:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone14:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone8:::::: cpe:2.3:a:apache:tomcat:11.0.0:milestone20::::::

29 Apr 2025, 13:52

Type	Values Removed	Values Added
Summary		(es) Vulnerabilidad de validación de entrada incorrecta en Apache Tomcat. La gestión incorrecta de errores en algunos encabezados de prioridad HTTP no válidos provocó una limpieza incompleta de la solicitud fallida, lo que generó una fuga de memoria. Un gran número de solicitudes de este tipo podría generar una excepción OutOfMemoryException, lo que resulta en una denegación de servicio. Este problema afecta a Apache Tomcat: de la 9.0.76 a la 9.0.102, de la 10.1.10 a la 10.1.39 y de la 11.0.0-M2 a la 11.0.5. Se recomienda actualizar a las versiones 9.0.104, 10.1.40 o 11.0.6, que solucionan el problema.

28 Apr 2025, 22:15

Type	Values Removed	Values Added
References		() http://www.openwall.com/lists/oss-security/2025/04/28/2 -

28 Apr 2025, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-28 20:15

Updated : 2025-05-06 20:15

NVD link : CVE-2025-31650

Mitre link : CVE-2025-31650

CVE.ORG link : CVE-2025-31650

JSON object : View

Products Affected

apache

tomcat

CWE

CWE-459

Incomplete Cleanup

7.5 /10