CVE-2025-52520

For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a DoS via bypassing of size limits. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://lists.apache.org/thread/trqq01bbxw6c92zx69kx2mw2qgmfy0o5	Mailing List Vendor Advisory Issue Tracking

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apache:tomcat::::::::
	cpe:2.3:a:apache:tomcat::::::::
	cpe:2.3:a:apache:tomcat::::::::

History

29 Jul 2025, 18:36

Type	Values Removed	Values Added
CPE		cpe:2.3:a:apache:tomcat::::::::
First Time		Apache tomcat Apache
References	~~() https://lists.apache.org/thread/trqq01bbxw6c92zx69kx2mw2qgmfy0o5 -~~	() https://lists.apache.org/thread/trqq01bbxw6c92zx69kx2mw2qgmfy0o5 - Mailing List, Vendor Advisory, Issue Tracking

11 Jul 2025, 14:15

Type	Values Removed	Values Added
Summary		(es) En algunas configuraciones improbables de carga multiparte, una vulnerabilidad de desbordamiento de enteros en Apache Tomcat podría provocar un ataque de denegación de servicio (DoS) al eludir los límites de tamaño. Este problema afecta a Apache Tomcat: de 11.0.0-M1 a 11.0.8, de 10.1.0-M1 a 10.1.42, y de 9.0.0.M1 a 9.0.106. Se recomienda actualizar a las versiones 11.0.9, 10.1.43 o 9.0.107, que solucionan el problema.
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5

10 Jul 2025, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-10 19:15

Updated : 2025-07-29 18:36

NVD link : CVE-2025-52520

Mitre link : CVE-2025-52520

CVE.ORG link : CVE-2025-52520

JSON object : View

Products Affected

apache

tomcat

CWE

CWE-190

Integer Overflow or Wraparound

{"id": "CVE-2025-52520", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-07-10T19:15:25.570", "references": [{"url": "https://lists.apache.org/thread/trqq01bbxw6c92zx69kx2mw2qgmfy0o5", "tags": ["Mailing List", "Vendor Advisory", "Issue Tracking"], "source": "security@apache.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@apache.org", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a DoS via bypassing of size limits.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106.\n\nUsers are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue."}, {"lang": "es", "value": "En algunas configuraciones improbables de carga multiparte, una vulnerabilidad de desbordamiento de enteros en Apache Tomcat podr\u00eda provocar un ataque de denegaci\u00f3n de servicio (DoS) al eludir los l\u00edmites de tama\u00f1o. Este problema afecta a Apache Tomcat: de 11.0.0-M1 a 11.0.8, de 10.1.0-M1 a 10.1.42, y de 9.0.0.M1 a 9.0.106. Se recomienda actualizar a las versiones 11.0.9, 10.1.43 o 9.0.107, que solucionan el problema."}], "lastModified": "2025-07-29T18:36:26.800", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E068C4BE-B0A9-4C86-A03C-33089784EC21", "versionEndExcluding": "9.0.107", "versionStartIncluding": "9.0.0"}, {"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCF8FCC4-CE15-4B52-91D8-9B90563F3F7F", "versionEndExcluding": "10.1.43", "versionStartIncluding": "10.1.0"}, {"criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52667567-7D5A-40AE-8C3B-4270A4BD059C", "versionEndExcluding": "11.0.9", "versionStartIncluding": "11.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@apache.org"}