CRITICAL🇵🇱 Wersja polska

CVE-2026-53434

CVSS 9.1pub. 2026-06-29upd. 2026-07-02

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version 11.0.23, 10.1.56 or 9.0.119, which fixes the issue.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  • Apache Tomcat

    APP
    Apache
    9.0.83 – 9.0.119 (bez)10.1.0 – 10.1.56 (bez)11.0.0 – 11.0.23 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-24813CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Apache Tomcat: Path Equivalence prowadzący do RCE i ujawnienia danych

CVE-2020-1938CRITICAL9.8⚠ KEVten sam produkt

When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache To...

CVE-2016-8735CRITICAL9.8⚠ KEVten sam produkt

Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5....

CVE-2026-55276CRITICAL9.1ten sam produkt

Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat meant that special roles and empty...

CVE-2026-41293CRITICAL9.8PL ✓ten sam produkt

Nieprawidłowa walidacja danych wejściowych w Apache Tomcat (RCE/Critical)