Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0.115. Users are recommended to upgrade to version 11.0.20, 10.1.53 or 9.0.116, which fix the issue.
{
"binaries": [
{
"binary_version": "11.0.22-2ubuntu2~26.04.1",
"binary_name": "libtomcat11-embed-java"
},
{
"binary_version": "11.0.22-2ubuntu2~26.04.1",
"binary_name": "libtomcat11-java"
},
{
"binary_version": "11.0.22-2ubuntu2~26.04.1",
"binary_name": "tomcat11"
},
{
"binary_version": "11.0.22-2ubuntu2~26.04.1",
"binary_name": "tomcat11-admin"
},
{
"binary_version": "11.0.22-2ubuntu2~26.04.1",
"binary_name": "tomcat11-common"
},
{
"binary_version": "11.0.22-2ubuntu2~26.04.1",
"binary_name": "tomcat11-docs"
},
{
"binary_version": "11.0.22-2ubuntu2~26.04.1",
"binary_name": "tomcat11-examples"
},
{
"binary_version": "11.0.22-2ubuntu2~26.04.1",
"binary_name": "tomcat11-user"
}
]
}