[SECURITY] CVE-2025-46701 Apache Tomcat - CGI security constraint bypass

CVE-2025-46701 Apache Tomcat - CGI security constraint bypass Severity: Low Vendor: The Apache Software Foundation Versions Affected: Apache Tomcat 11.0.0-M1 to 11.0.6 Apache Tomcat 10.1.0-M1 to 10.1.40 Apache Tomcat 9.0.0.M1 to 9.0.104 Description: When running on a case insensitive file syst

Re: Adding a CRL to certificate client authentication causes connector to stop responding to all requests having a client certificate.

Hello Chris, Were you able to replicate the error on your side? Best, Alex Sent using Zoho Mail On Thu, 22 May 2025 08:02:41 -0500 Christopher Schultz wrote --- Alex, On 5/21/25 9:01 PM, My Subs wrote: > Chris, > > > >> Is the client sending just their own cert

Re: adding new SSL certificate without restarting tomcat

On 29/05/2025 07:59, Ivano Luberti wrote: Thanks Chris, yes that's what I tried to explain from the beginning, sorry I wasn't clear enough. To summarize: there is no solution out of the box, I have to develop something. I will look into that. Just out of interest, what problem are you tryi

Re: adding new SSL certificate without restarting tomcat

Thanks Chris, yes that's what I tried to explain from the beginning, sorry I wasn't clear enough. To summarize: there is no solution out of the box, I have to develop something. I will look into that. Thanks everyone Il 28-May-25 14:43, Christopher Schultz ha scritto: Ivano, On 5/28/25 4: