[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2026:1058-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":100,"duplicates":101,"related":102,"reserved_at":9,"published_at":146,"modified_at":147,"state":9,"summary":148,"references_raw":150,"kevs":359,"epss":9,"epss_history":360,"metrics":361,"affected":362},"SUSE-SU-2026:1058-1","Security update for tomcat\n\nThis update for tomcat fixes the following issues:\n\nUpdate to Tomcat 9.0.115:\n\n- CVE-2025-48989: HTTP/2 protocol (including DNS over HTTPS) is vulnerable to 'MadeYouReset' DoS attack (bsc#1243895).\n- CVE-2025-52434: race condition on connection close when using the APR/Native connector could lead to a JVM crash\n  (bsc#1246389).\n- CVE-2025-53506: uncontrolled resource HTTP/2 client consumption vulnerability (bsc#1246318).\n- CVE-2025-66614: client certificate verification bypass due to virtual host mapping (bsc#1258371).\n- CVE-2026-24733: improper input validation on HTTP/0.9 requests (bsc#1258385).\n- CVE-2023-44487: Rapid reset attack (bsc#1216182).\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98],{"_key":15},"CVE-2020-13934",{"_key":17},"CVE-2020-13935",{"_key":19},"CVE-2020-13943",{"_key":21},"CVE-2020-17527",{"_key":23},"CVE-2021-24122",{"_key":25},"CVE-2021-25122",{"_key":27},"CVE-2021-25329",{"_key":29},"CVE-2021-30640",{"_key":31},"CVE-2021-33037",{"_key":33},"CVE-2021-41079",{"_key":35},"CVE-2021-43980",{"_key":37},"CVE-2022-23181",{"_key":39},"CVE-2022-42252",{"_key":41},"CVE-2023-24998",{"_key":43},"CVE-2023-28708",{"_key":45},"CVE-2023-28709",{"_key":47},"CVE-2023-41080",{"_key":49},"CVE-2023-42795",{"_key":51},"CVE-2023-44487",{"_key":53},"CVE-2023-45468",{"_key":55},"CVE-2023-46589",{"_key":57},"CVE-2024-21733",{"_key":59},"CVE-2024-23672",{"_key":61},"CVE-2024-24549",{"_key":63},"CVE-2024-34750",{"_key":65},"CVE-2024-38286",{"_key":67},"CVE-2024-50379",{"_key":69},"CVE-2024-52316",{"_key":71},"CVE-2024-54677",{"_key":73},"CVE-2025-24813",{"_key":75},"CVE-2025-31651",{"_key":77},"CVE-2025-46701",{"_key":79},"CVE-2025-48988",{"_key":81},"CVE-2025-48989",{"_key":83},"CVE-2025-49125",{"_key":85},"CVE-2025-52434",{"_key":87},"CVE-2025-52520",{"_key":89},"CVE-2025-53506",{"_key":91},"CVE-2025-55752",{"_key":93},"CVE-2025-55754",{"_key":95},"CVE-2025-61795",{"_key":97},"CVE-2025-66614",{"_key":99},"CVE-2026-24733",[],[],[103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":91},{"_key":93},{"_key":95},{"_key":97},{"_key":99},"2026-03-26T09:46:45Z","2026-03-27T08:48:24.814862Z",{"cisa_kev":149,"cisa_ransomware":149,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[151,157,162,166,170,174,178,182,186,191,195,199,203,207,211,215,219,223,227,231,235,239,243,247,251,255,259,263,267,271,275,279,283,287,291,295,299,303,307,311,315,319,323,327,331,335,339,343,347,351,355],{"url":152,"sources":153,"tags":155},"https://www.suse.com/support/update/announcement/2026/suse-su-20261058-1/",[154],"osv_suse",[156],"Advisory",{"url":158,"sources":159,"tags":160},"https://bugzilla.suse.com/1216182",[154],[161],"REPORT",{"url":163,"sources":164,"tags":165},"https://bugzilla.suse.com/1243895",[154],[161],{"url":167,"sources":168,"tags":169},"https://bugzilla.suse.com/1246318",[154],[161],{"url":171,"sources":172,"tags":173},"https://bugzilla.suse.com/1246389",[154],[161],{"url":175,"sources":176,"tags":177},"https://bugzilla.suse.com/1258371",[154],[161],{"url":179,"sources":180,"tags":181},"https://bugzilla.suse.com/1258385",[154],[161],{"url":183,"sources":184,"tags":185},"https://bugzilla.suse.com/1259224",[154],[161],{"url":187,"sources":188,"tags":189},"https://www.suse.com/security/cve/CVE-2020-13934",[154],[190],"WEB",{"url":192,"sources":193,"tags":194},"https://www.suse.com/security/cve/CVE-2020-13935",[154],[190],{"url":196,"sources":197,"tags":198},"https://www.suse.com/security/cve/CVE-2020-13943",[154],[190],{"url":200,"sources":201,"tags":202},"https://www.suse.com/security/cve/CVE-2020-17527",[154],[190],{"url":204,"sources":205,"tags":206},"https://www.suse.com/security/cve/CVE-2021-24122",[154],[190],{"url":208,"sources":209,"tags":210},"https://www.suse.com/security/cve/CVE-2021-25122",[154],[190],{"url":212,"sources":213,"tags":214},"https://www.suse.com/security/cve/CVE-2021-25329",[154],[190],{"url":216,"sources":217,"tags":218},"https://www.suse.com/security/cve/CVE-2021-30640",[154],[190],{"url":220,"sources":221,"tags":222},"https://www.suse.com/security/cve/CVE-2021-33037",[154],[190],{"url":224,"sources":225,"tags":226},"https://www.suse.com/security/cve/CVE-2021-41079",[154],[190],{"url":228,"sources":229,"tags":230},"https://www.suse.com/security/cve/CVE-2021-43980",[154],[190],{"url":232,"sources":233,"tags":234},"https://www.suse.com/security/cve/CVE-2022-23181",[154],[190],{"url":236,"sources":237,"tags":238},"https://www.suse.com/security/cve/CVE-2022-42252",[154],[190],{"url":240,"sources":241,"tags":242},"https://www.suse.com/security/cve/CVE-2023-24998",[154],[190],{"url":244,"sources":245,"tags":246},"https://www.suse.com/security/cve/CVE-2023-28708",[154],[190],{"url":248,"sources":249,"tags":250},"https://www.suse.com/security/cve/CVE-2023-28709",[154],[190],{"url":252,"sources":253,"tags":254},"https://www.suse.com/security/cve/CVE-2023-41080",[154],[190],{"url":256,"sources":257,"tags":258},"https://www.suse.com/security/cve/CVE-2023-42795",[154],[190],{"url":260,"sources":261,"tags":262},"https://www.suse.com/security/cve/CVE-2023-44487",[154],[190],{"url":264,"sources":265,"tags":266},"https://www.suse.com/security/cve/CVE-2023-45468",[154],[190],{"url":268,"sources":269,"tags":270},"https://www.suse.com/security/cve/CVE-2023-46589",[154],[190],{"url":272,"sources":273,"tags":274},"https://www.suse.com/security/cve/CVE-2024-21733",[154],[190],{"url":276,"sources":277,"tags":278},"https://www.suse.com/security/cve/CVE-2024-23672",[154],[190],{"url":280,"sources":281,"tags":282},"https://www.suse.com/security/cve/CVE-2024-24549",[154],[190],{"url":284,"sources":285,"tags":286},"https://www.suse.com/security/cve/CVE-2024-34750",[154],[190],{"url":288,"sources":289,"tags":290},"https://www.suse.com/security/cve/CVE-2024-38286",[154],[190],{"url":292,"sources":293,"tags":294},"https://www.suse.com/security/cve/CVE-2024-50379",[154],[190],{"url":296,"sources":297,"tags":298},"https://www.suse.com/security/cve/CVE-2024-52316",[154],[190],{"url":300,"sources":301,"tags":302},"https://www.suse.com/security/cve/CVE-2024-54677",[154],[190],{"url":304,"sources":305,"tags":306},"https://www.suse.com/security/cve/CVE-2025-24813",[154],[190],{"url":308,"sources":309,"tags":310},"https://www.suse.com/security/cve/CVE-2025-31651",[154],[190],{"url":312,"sources":313,"tags":314},"https://www.suse.com/security/cve/CVE-2025-46701",[154],[190],{"url":316,"sources":317,"tags":318},"https://www.suse.com/security/cve/CVE-2025-48988",[154],[190],{"url":320,"sources":321,"tags":322},"https://www.suse.com/security/cve/CVE-2025-48989",[154],[190],{"url":324,"sources":325,"tags":326},"https://www.suse.com/security/cve/CVE-2025-49125",[154],[190],{"url":328,"sources":329,"tags":330},"https://www.suse.com/security/cve/CVE-2025-52434",[154],[190],{"url":332,"sources":333,"tags":334},"https://www.suse.com/security/cve/CVE-2025-52520",[154],[190],{"url":336,"sources":337,"tags":338},"https://www.suse.com/security/cve/CVE-2025-53506",[154],[190],{"url":340,"sources":341,"tags":342},"https://www.suse.com/security/cve/CVE-2025-55752",[154],[190],{"url":344,"sources":345,"tags":346},"https://www.suse.com/security/cve/CVE-2025-55754",[154],[190],{"url":348,"sources":349,"tags":350},"https://www.suse.com/security/cve/CVE-2025-61795",[154],[190],{"url":352,"sources":353,"tags":354},"https://www.suse.com/security/cve/CVE-2025-66614",[154],[190],{"url":356,"sources":357,"tags":358},"https://www.suse.com/security/cve/CVE-2026-24733",[154],[190],[],[],[],[363,376],{"ecosystem":364,"name":365,"vendor":366,"product":367,"cpe_part":9,"purl_type":368,"purl_namespace":366,"purl_name":367,"source":9,"versions":369},"SUSE Linux Enterprise","tomcat","suse","tomcat&distro=SUSE Linux Enterprise Server 12 SP5-LTSS","rpm",[370],{"version":371,"is_range":372,"range_type":373,"version_start":9,"version_start_type":9,"version_end":374,"version_end_type":375,"fixed_in":9},"lt9_0_115_3_160_1",true,"ecosystem","9.0.115-3.160.1","excluding",{"ecosystem":364,"name":365,"vendor":366,"product":377,"cpe_part":9,"purl_type":368,"purl_namespace":366,"purl_name":377,"source":9,"versions":378},"tomcat&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",[379],{"version":371,"is_range":372,"range_type":373,"version_start":9,"version_start_type":9,"version_end":374,"version_end_type":375,"fixed_in":9}]