CVE-2025-31650 – Apache Tomcat Vulnerability

Severity

High

Analysis Summary

CVE-2025-31650

Apache Tomcat has a vulnerability in handling HTTP priority headers. When invalid headers are processed, the error handling fails to clean up requests properly. This creates a memory leak. If many such requests are sent, the system could run out of memory and stop working.

Impact

Denial of Service

Indicators of Compromise

CVE

CVE-2025-31650

Affected Vendors

Apache

Affected Products

Apache Tomcat - 10.1.10 - 10.1.39
Apache Tomcat - 11.0.0 - 11.0.5
Apache Tomcat - 9.0.76 - 9.0.102

Remediation

Upgrade to the latest version of Apache Tomcat, available from the Apache Security Advisory.

Apache Security Advisory

Multiple Dell PowerProtect Vulnerabilities

TAG-124: The Emerging Threat Behind Targeted Malware Campaigns – Active IOCs

CVE-2025-31650 – Apache Tomcat Vulnerability

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan