Vulnerability details: VCID-ckkm-g4kc-tfbg
Vulnerability ID VCID-ckkm-g4kc-tfbg
Aliases CVE-2025-31650
GHSA-3p2h-wqq4-wf4h
Summary Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service. This issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5. Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue.
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
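A version check against the affected ranges stated in the summary, as an added example (it is not VulnerableCode's or the Tomcat project's code). The inclusive ranges and the fixed releases are copied verbatim from the advisory text on this page; the `Apache Tomcat/<version>` banner it parses is a constructed sample whose layout (the output of `catalina.sh version`, or a `Server` response header) is assumed. A version that falls between the end of an affected range and the fix (for example 9.0.103, which the advisory does not list) is reported as "not in a listed range", not as safe.

```python
import re
from typing import Optional, Tuple

# Affected ranges (inclusive) and the fixed release for each branch, copied
# from the advisory summary on this page.
AFFECTED_RANGES = [
    ("9.0.76", "9.0.102", "9.0.104"),
    ("10.1.10", "10.1.39", "10.1.40"),
    ("11.0.0-M2", "11.0.5", "11.0.6"),
]

# Tomcat version strings look like 10.1.39 or, for milestones, 11.0.0-M2.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-M(\d+))?$")

# Constructed sample of a version banner (assumed layout of
# "catalina.sh version"); any text containing "Apache Tomcat/<version>" works.
SAMPLE_VERSION_OUTPUT = """\
Using CATALINA_BASE:   /opt/tomcat
Server version: Apache Tomcat/10.1.39
"""


def parse_version(text: str) -> Tuple[int, int, int, int, int]:
    """Turn '10.1.39' or '11.0.0-M2' into a sortable tuple.

    Milestones sort before the GA release of the same number, so
    11.0.0-M2 < 11.0.0-M25 < 11.0.0 < 11.0.1.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Tomcat version: {text!r}")
    major, minor, patch, milestone = m.groups()
    if milestone is None:
        return (int(major), int(minor), int(patch), 1, 0)
    return (int(major), int(minor), int(patch), 0, int(milestone))


def affected_fix(version: str) -> Optional[str]:
    """Return the release to upgrade to if `version` is inside one of the
    advisory's affected ranges, otherwise None."""
    v = parse_version(version)
    for low, high, fixed in AFFECTED_RANGES:
        if parse_version(low) <= v <= parse_version(high):
            return fixed
    return None


def version_from_banner(banner: str) -> Optional[str]:
    """Pull the version out of any text containing 'Apache Tomcat/<version>'."""
    m = re.search(r"Apache Tomcat/(\d+\.\d+\.\d+(?:-M\d+)?)", banner)
    return m.group(1) if m else None


def check_banner(banner: str) -> str:
    """One-line verdict for a banner: affected (with the fix) or not listed."""
    version = version_from_banner(banner)
    if version is None:
        return "no Tomcat version found"
    fixed = affected_fix(version)
    if fixed is None:
        return f"{version}: not in a listed affected range"
    return f"{version}: affected by CVE-2025-31650, upgrade to {fixed}"


if __name__ == "__main__":
    print(check_banner(SAMPLE_VERSION_OUTPUT))
```

Because the check is driven only by the advisory's ranges, a distribution package that backports the fix without changing the upstream version string (see the RHSA entries in the references) will still be flagged; confirm against the vendor erratum before acting on the result.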
System Score Found at
cvssv3 5.3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-31650.json
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-31650.json
epss 0.00028 to 0.0337 (distinct values recorded: 0.00028, 0.00034, 0.00135, 0.00151, 0.00164, 0.00183, 0.00188, 0.00956, 0.0337) https://api.first.org/data/v1/epss?cve=CVE-2025-31650
apache_tomcat Important https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-31650
cvssv3.1 7.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-3p2h-wqq4-wf4h
generic_textual MODERATE https://github.com/apache/tomcat
generic_textual MODERATE https://github.com/apache/tomcat/commit/1eef1dc459c45f1e421d8bd25ef340fc1cc34edc
generic_textual MODERATE https://github.com/apache/tomcat/commit/40ae788c2e64d018b4e58cd4210bb96434d0100d
generic_textual MODERATE https://github.com/apache/tomcat/commit/75554da2fc5574862510ae6f0d7b3d78937f1d40
generic_textual MODERATE https://github.com/apache/tomcat/commit/8cc3b8fb3f2d8d4d6a757e014f19d1fafa948a60
generic_textual MODERATE https://github.com/apache/tomcat/commit/b7674782679e1514a0d154166b1d04d38aaac4a9
generic_textual MODERATE https://github.com/apache/tomcat/commit/b98e74f517b36929f4208506e5adad22cb767baa
generic_textual MODERATE https://github.com/apache/tomcat/commit/cba1a0fe1289ee7f5dd46c61c38d1e1ac5437bff
generic_textual MODERATE https://github.com/apache/tomcat/commit/ded0285b96b4d3f5560dfc8856ad5ec4a9b50ba9
generic_textual MODERATE https://github.com/apache/tomcat/commit/f619e6a05029538886d5a9d987925d573b5bb8c2
cvssv3.1 7.5 https://lists.apache.org/thread/j6zzk0y3yym9pzfzkq5vcyxzz0yzh826
generic_textual MODERATE https://lists.apache.org/thread/j6zzk0y3yym9pzfzkq5vcyxzz0yzh826
ssvc Track https://lists.apache.org/thread/j6zzk0y3yym9pzfzkq5vcyxzz0yzh826
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2025-31650
generic_textual MODERATE https://nvd.nist.gov/vuln/detail/CVE-2025-31650
archlinux High https://security.archlinux.org/AVG-2888
archlinux High https://security.archlinux.org/AVG-2889
generic_textual MODERATE https://tomcat.apache.org/security-10.html
generic_textual MODERATE https://tomcat.apache.org/security-11.html
generic_textual MODERATE https://tomcat.apache.org/security-9.html
generic_textual MODERATE http://www.openwall.com/lists/oss-security/2025/04/28/2
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-31650.json
https://api.first.org/data/v1/epss?cve=CVE-2025-31650
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/apache/tomcat
https://github.com/apache/tomcat/commit/1eef1dc459c45f1e421d8bd25ef340fc1cc34edc
https://github.com/apache/tomcat/commit/40ae788c2e64d018b4e58cd4210bb96434d0100d
https://github.com/apache/tomcat/commit/75554da2fc5574862510ae6f0d7b3d78937f1d40
https://github.com/apache/tomcat/commit/8cc3b8fb3f2d8d4d6a757e014f19d1fafa948a60
https://github.com/apache/tomcat/commit/b7674782679e1514a0d154166b1d04d38aaac4a9
https://github.com/apache/tomcat/commit/b98e74f517b36929f4208506e5adad22cb767baa
https://github.com/apache/tomcat/commit/cba1a0fe1289ee7f5dd46c61c38d1e1ac5437bff
https://github.com/apache/tomcat/commit/ded0285b96b4d3f5560dfc8856ad5ec4a9b50ba9
https://github.com/apache/tomcat/commit/f619e6a05029538886d5a9d987925d573b5bb8c2
https://lists.apache.org/thread/j6zzk0y3yym9pzfzkq5vcyxzz0yzh826
https://tomcat.apache.org/security-10.html
https://tomcat.apache.org/security-11.html
https://tomcat.apache.org/security-9.html
http://www.openwall.com/lists/oss-security/2025/04/28/2
2362783 https://bugzilla.redhat.com/show_bug.cgi?id=2362783
AVG-2888 https://security.archlinux.org/AVG-2888
AVG-2889 https://security.archlinux.org/AVG-2889
cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone12:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone12:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone13:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone13:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone14:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone14:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone15:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone15:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone16:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone16:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone17:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone17:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone18:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone18:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone19:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone19:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone20:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone20:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone21:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone21:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone22:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone22:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone23:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone23:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone24:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone24:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone25:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone25:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*
CVE-2025-31650 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-31650
CVE-2025-31650 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/52318.py
CVE-2025-31650 https://nvd.nist.gov/vuln/detail/CVE-2025-31650
GHSA-3p2h-wqq4-wf4h https://github.com/advisories/GHSA-3p2h-wqq4-wf4h
RHSA-2025:3608 https://access.redhat.com/errata/RHSA-2025:3608
RHSA-2025:3609 https://access.redhat.com/errata/RHSA-2025:3609
RHSA-2025:4521 https://access.redhat.com/errata/RHSA-2025:4521
RHSA-2025:4522 https://access.redhat.com/errata/RHSA-2025:4522
Data source Exploit-DB
Date added June 5, 2025
Description Apache Tomcat 10.1.39 - Denial of Service (DoS)
Ransomware campaign use Unknown
Source publication date June 5, 2025
Exploit type remote
Platform multiple
Source update date June 5, 2025
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-31650.json
Attack Vector: network; Attack Complexity: low; Privileges Required: none; User Interaction: none; Scope: unchanged; Confidentiality Impact: none; Integrity Impact: none; Availability Impact: low
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-31650.json
Attack Vector: network; Attack Complexity: low; Privileges Required: none; User Interaction: none; Scope: unchanged; Confidentiality Impact: none; Integrity Impact: none; Availability Impact: high
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector: network; Attack Complexity: low; Privileges Required: none; User Interaction: none; Scope: unchanged; Confidentiality Impact: none; Integrity Impact: none; Availability Impact: high
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.apache.org/thread/j6zzk0y3yym9pzfzkq5vcyxzz0yzh826
Attack Vector: network; Attack Complexity: low; Privileges Required: none; User Interaction: none; Scope: unchanged; Confidentiality Impact: none; Integrity Impact: none; Availability Impact: high
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-06T20:07:38Z/ Found at https://lists.apache.org/thread/j6zzk0y3yym9pzfzkq5vcyxzz0yzh826
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2025-31650
Attack Vector: network; Attack Complexity: low; Privileges Required: none; User Interaction: none; Scope: unchanged; Confidentiality Impact: none; Integrity Impact: none; Availability Impact: high
Exploit Prediction Scoring System (EPSS)
Percentile 0.05993
EPSS Score 0.00028
Published At April 29, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-04-29T00:32:30.022465+00:00 Apache Tomcat Importer Import https://tomcat.apache.org/security-11.html 36.0.0