UBUNTU-CVE-2024-52318
Advisory lineage Upstream: 1 Downstream: 0
Upstream
Published: 18 Nov 2024, 13:15
Last modified:18 Jul 2025, 17:01
Vulnerability Summary
Overall Risk (default)
low
24/100 CVSS Score
6.1 MEDIUM
3.1 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
18 Nov 2024, 13:15
Published
Vulnerability first disclosed
18 Jul 2025, 17:01
Last Modified
Vulnerability information updated
Description
Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue.
CVSS Metrics
- v3.1•MEDIUM•Score: 6.1CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Systems
- ubuntu•tomcat10
all
- ubuntu•tomcat6
all
- ubuntu•tomcat7
all
- ubuntu•tomcat8
all
- ubuntu•tomcat9
all | all | all | all
References (5)
- https://ubuntu.com/security/CVE-2024-52318
- https://www.cve.org/CVERecord?id=CVE-2024-52318
- https://lists.apache.org/thread/co243cw1nlh6p521c5265cm839wkqdp9
- https://github.com/apache/tomcat/commit/be8e32143a3159e78fe5463d09bb8e1b33bf2b1f
- https://github.com/apache/tomcat/commit/9813c5dd3259183f659bbb83312a5cf673cc1ebf