{"id":"DSA-6120-1","summary":"tomcat10 - security update","modified":"2026-03-09T01:46:35.514080183Z","published":"2026-02-05T00:00:00Z","upstream":["CVE-2025-46701","CVE-2025-48976","CVE-2025-48988","CVE-2025-48989","CVE-2025-49125","CVE-2025-52520","CVE-2025-53506","CVE-2025-55668","CVE-2025-55752","CVE-2025-55754","CVE-2025-61795","CVE-2025-66614","CVE-2026-24733","CVE-2026-24734","DEBIAN-CVE-2025-46701","DEBIAN-CVE-2025-48976","DEBIAN-CVE-2025-48988","DEBIAN-CVE-2025-48989","DEBIAN-CVE-2025-49125","DEBIAN-CVE-2025-52520","DEBIAN-CVE-2025-53506","DEBIAN-CVE-2025-55668","DEBIAN-CVE-2025-55752","DEBIAN-CVE-2025-55754","DEBIAN-CVE-2025-61795","DEBIAN-CVE-2025-66614","DEBIAN-CVE-2026-24733","DEBIAN-CVE-2026-24734"],"affected":[{"package":{"name":"tomcat10","ecosystem":"Debian:12","purl":"pkg:deb/debian/tomcat10?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.1.52-1~deb12u1"}]}],"versions":["10.1.10-1","10.1.13-1","10.1.14-1","10.1.15-1","10.1.16-1","10.1.20-1","10.1.23-1","10.1.25-1","10.1.25-1~bpo12+1","10.1.25-2","10.1.30-1","10.1.30-1~bpo12+1","10.1.31-1","10.1.33-1","10.1.33-1~bpo12+1","10.1.34-0+deb12u1","10.1.34-0+deb12u2","10.1.34-1","10.1.35-1","10.1.40-1","10.1.40-1~bpo12+1","10.1.46-1","10.1.6-1","10.1.6-1+deb12u1","10.1.6-1+deb12u2","10.1.7-1","10.1.8-1","10.1.9-1"],"database_specific":{"source":"https://storage.googleapis.com/debian-osv/dsa-osv/DSA-6120-1.json"}},{"package":{"name":"tomcat10","ecosystem":"Debian:13","purl":"pkg:deb/debian/tomcat10?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.1.52-1~deb13u1"}]}],"versions":["10.1.40-1","10.1.46-1","10.1.52-1~deb12u1"],"database_specific":{"source":"https://storage.googleapis.com/debian-osv/dsa-osv/DSA-6120-1.json"}}],"schema_version":"1.7.3"}