A new security vulnerability has been discovered in Apache Tomcat’s CGI servlet implementation that could allow attackers to bypass configured security constraints under specific conditions. The vulnerability, designated CVE-2025-46701, was disclosed on May 29, 2025, and affects multiple versions of the popular Java application server. The flaw stems from improper handling of case sensitivity within […]
The post Apache Tomcat CGI Servlet Vulnerability Allows Security Constraint Bypass appeared first on Cyber Security News.
This article has been indexed from Cyber Security News