mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
1.9 KiB
1.9 KiB
CVE-2025-31650
Description
Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service.This issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5.The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.90 though 8.5.100.Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue.
POC
Reference
No PoCs from references.
Github
- https://github.com/B1gN0Se/Tomcat-CVE-2025-31650
- https://github.com/PuddinCat/GithubRepoSpider
- https://github.com/absholi7ly/TomcatKiller-CVE-2025-31650
- https://github.com/assad12341/Dos-exploit-
- https://github.com/diegopacheco/Smith
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/obscura-cert/CVE-2025-31650
- https://github.com/plzheheplztrying/cve_monitor
- https://github.com/s-b-repo/rustsploit
- https://github.com/sattarbug/Analysis-of-TomcatKiller---CVE-2025-31650-Exploit-Tool
- https://github.com/tunahantekeoglu/CVE-2025-31650
- https://github.com/w4zu/Debian_security