Apache · Apache Tomcat · CVE-2025-52434
Name of the Vulnerable Software and Affected Versions:
Apache Tomcat versions 9.0.0.M1 through 9.0.106
Description:
A race condition exists due to concurrent execution using a shared resource with improper synchronization when using the APR/Native connector. This issue is particularly noticeable with client-initiated closes of HTTP/2 connections.
Recommendations:
Upgrade to version 9.0.107 to resolve the issue.