Fedora Account System
Red Hat Associate
Red Hat Customer
Improper Handling of Case Sensitivity vulnerability in LockOutRealm in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Older unsupported versions may also be affected. Users are recommended to upgrade to version 11.0.22, 10.1.55 or 9.0.118 which fix the issue.
This issue has been addressed in the following products: Red Hat JBoss Web Server 7.0.0 Via RHSA-2026:39189 https://access.redhat.com/errata/RHSA-2026:39189
This issue has been addressed in the following products: Red Hat JBoss Web Server 7.0 on RHEL 10 Red Hat JBoss Web Server 7.0 on RHEL 8 Red Hat JBoss Web Server 7.0 on RHEL 9 Via RHSA-2026:39188 https://access.redhat.com/errata/RHSA-2026:39188