Vulnerability details: VCID-59vp-c676-dfa4
Vulnerability ID VCID-59vp-c676-dfa4
Aliases CVE-2025-46701
GHSA-h2fw-rfh5-95r3
Summary Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's CGI servlet allows bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.6, from 10.1.0-M1 through 10.1.40, from 9.0.0.M1 through 9.0.104. Users are recommended to upgrade to version 11.0.7, 10.1.41 or 9.0.105, which fix the issue. Note for triage: the CGI servlet is commented out in Tomcat's default conf/web.xml, so only deployments that have explicitly enabled it are exposed, and a case-sensitivity bypass of this kind matters on case-insensitive file systems, where a path that differs only in letter case from the constrained pattern still resolves to the same script on disk.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
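The affected ranges in the summary above start at milestone builds (9.0.0.M1, 11.0.0-M1), and Tomcat has spelled milestones two ways over the years, so a naive string or float comparison of version numbers classifies them wrongly. The following Python is an added example, not code from this page, from VulnerableCode or from the Tomcat project: it encodes the three inclusive ranges exactly as the summary states them, orders milestones before the final release of the same number, and reports whether a given version needs the fix and which release carries it. The SAMPLE_BANNER string is constructed for the example and its version number is assumed.

```python
import re
from typing import Optional, Tuple

# Inclusive affected ranges and the fixing release, copied from the advisory
# summary on this page (the same three branches the Apache advisory lists).
AFFECTED_RANGES = [
    ("11.0.0-M1", "11.0.6", "11.0.7"),
    ("10.1.0-M1", "10.1.40", "10.1.41"),
    ("9.0.0.M1", "9.0.104", "9.0.105"),
]

# Accepts both milestone spellings Tomcat has used: "9.0.0.M1" and "11.0.0-M1".
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:[.-]M(\d+))?$")

# Constructed sample banner, modelled on the "Apache Tomcat/x.y.z" string that
# Tomcat's default error page prints; the version number is assumed.
SAMPLE_BANNER = "<h3>Apache Tomcat/9.0.104</h3>"
_BANNER_RE = re.compile(r"Apache Tomcat/(\d+\.\d+\.\d+(?:[.-]M\d+)?)")

VersionKey = Tuple[int, int, int, int, int]


def parse_tomcat_version(text: str) -> VersionKey:
    """Turn a Tomcat version string into a sortable tuple.

    The fourth element is 0 for a milestone and 1 for a final release, so a
    milestone sorts before the release with the same number:
    9.0.0.M27 < 9.0.1 and 11.0.0-M26 < 11.0.0 < 11.0.1.
    """
    m = _VERSION_RE.match(text.strip())
    if m is None:
        raise ValueError(f"unrecognised Tomcat version: {text!r}")
    major, minor, patch, milestone = m.groups()
    if milestone is None:
        return (int(major), int(minor), int(patch), 1, 0)
    return (int(major), int(minor), int(patch), 0, int(milestone))


def fixed_version_for(version: str) -> Optional[str]:
    """Return the fixing release for an affected version, else None.

    None also comes back for branches the advisory does not list (8.5.x,
    10.0.x), which are end-of-life rather than known-clean; treat those
    separately instead of reading None as "safe".
    """
    key = parse_tomcat_version(version)
    for low, high, fixed in AFFECTED_RANGES:
        if parse_tomcat_version(low) <= key <= parse_tomcat_version(high):
            return fixed
    return None


def is_affected(version: str) -> bool:
    """True when the version falls inside one of the advisory's ranges."""
    return fixed_version_for(version) is not None


def version_from_banner(banner: str) -> Optional[str]:
    """Pull the version out of a Tomcat error-page/banner string, if present."""
    m = _BANNER_RE.search(banner)
    return m.group(1) if m else None


if __name__ == "__main__":
    for v in ("9.0.0.M1", "9.0.104", "9.0.105", "10.1.40", "10.1.41",
              "11.0.0-M26", "11.0.0", "11.0.6", "11.0.7", "8.5.100"):
        print(f"{v:>11}  affected={is_affected(v)!s:5}  fix={fixed_version_for(v)}")
    banner_version = version_from_banner(SAMPLE_BANNER)
    if banner_version is not None:
        print("banner:", banner_version, "->", fixed_version_for(banner_version))
```

A version match is the cheap first pass, not the whole answer: a host in range is only exposed if the CGI servlet has been enabled in its web.xml, and a host on an unlisted branch is out of support rather than confirmed clean.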
Affected and Fixed Packages Package Details
Weaknesses (3)
System Score Found at
cvssv3 6.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46701.json
epss 0.00027 https://api.first.org/data/v1/epss?cve=CVE-2025-46701
epss 0.00028 https://api.first.org/data/v1/epss?cve=CVE-2025-46701
epss 0.0003 https://api.first.org/data/v1/epss?cve=CVE-2025-46701
epss 0.00036 https://api.first.org/data/v1/epss?cve=CVE-2025-46701
apache_tomcat Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46701
cvssv3.1 6.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr LOW https://github.com/advisories/GHSA-h2fw-rfh5-95r3
generic_textual LOW https://github.com/apache/tomcat
generic_textual LOW https://github.com/apache/tomcat/commit/0f01966eb60015d975525019e12a087f05ebf01a
generic_textual LOW https://github.com/apache/tomcat/commit/238d2aa54b99f91d1111467e2237d2244c64e558
generic_textual LOW https://github.com/apache/tomcat/commit/2c6800111e7d8d8d5403c07978ea9bff3db5a5a5
generic_textual LOW https://github.com/apache/tomcat/commit/8cb95ff03221067c511b3fa66d4f745bc4b0a605
generic_textual LOW https://github.com/apache/tomcat/commit/8df00018a252baa9497615d6420fb6c10466fa74
generic_textual LOW https://github.com/apache/tomcat/commit/fab7247d2f0e3a29d5daef565f829f383e10e5e2
cvssv3.1 7.3 https://lists.apache.org/thread/xhqqk9w5q45srcdqhogdk04lhdscv30j
generic_textual LOW https://lists.apache.org/thread/xhqqk9w5q45srcdqhogdk04lhdscv30j
ssvc Track https://lists.apache.org/thread/xhqqk9w5q45srcdqhogdk04lhdscv30j
generic_textual LOW https://nvd.nist.gov/vuln/detail/CVE-2025-46701
archlinux High https://security.archlinux.org/AVG-2888
archlinux High https://security.archlinux.org/AVG-2889
generic_textual LOW https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.41
generic_textual LOW https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.7
generic_textual LOW https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.105
generic_textual LOW http://www.openwall.com/lists/oss-security/2025/05/29/4
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46701.json
https://api.first.org/data/v1/epss?cve=CVE-2025-46701
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/apache/tomcat
https://github.com/apache/tomcat/commit/0f01966eb60015d975525019e12a087f05ebf01a
https://github.com/apache/tomcat/commit/238d2aa54b99f91d1111467e2237d2244c64e558
https://github.com/apache/tomcat/commit/2c6800111e7d8d8d5403c07978ea9bff3db5a5a5
https://github.com/apache/tomcat/commit/8cb95ff03221067c511b3fa66d4f745bc4b0a605
https://github.com/apache/tomcat/commit/8df00018a252baa9497615d6420fb6c10466fa74
https://github.com/apache/tomcat/commit/fab7247d2f0e3a29d5daef565f829f383e10e5e2
https://lists.apache.org/thread/xhqqk9w5q45srcdqhogdk04lhdscv30j
https://nvd.nist.gov/vuln/detail/CVE-2025-46701
https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.41
https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.7
https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.105
http://www.openwall.com/lists/oss-security/2025/05/29/4
1106820 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106820
2369253 https://bugzilla.redhat.com/show_bug.cgi?id=2369253
AVG-2888 https://security.archlinux.org/AVG-2888
AVG-2889 https://security.archlinux.org/AVG-2889
cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
CVE-2025-46701 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46701
GHSA-h2fw-rfh5-95r3 https://github.com/advisories/GHSA-h2fw-rfh5-95r3
USN-7705-1 https://usn.ubuntu.com/7705-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46701.json
Attack Vector (AV) network
Attack Complexity (AC) low
Privileges Required (PR) none
User Interaction (UI) none
Scope (S) unchanged
Confidentiality Impact (C) low
Integrity Impact (I) low
Availability Impact (A) none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) network
Attack Complexity (AC) low
Privileges Required (PR) none
User Interaction (UI) none
Scope (S) unchanged
Confidentiality Impact (C) low
Integrity Impact (I) low
Availability Impact (A) none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://lists.apache.org/thread/xhqqk9w5q45srcdqhogdk04lhdscv30j
Attack Vector (AV) network
Attack Complexity (AC) low
Privileges Required (PR) none
User Interaction (UI) none
Scope (S) unchanged
Confidentiality Impact (C) low
Integrity Impact (I) low
Availability Impact (A) low

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T14:58:21Z/ Found at https://lists.apache.org/thread/xhqqk9w5q45srcdqhogdk04lhdscv30j
Exploit Prediction Scoring System (EPSS)
Percentile 0.05692
EPSS Score 0.00027
Published At July 31, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:03:16.022439+00:00 Apache Tomcat Importer Import https://tomcat.apache.org/security-11.html 37.0.0