{
  "threat_severity" : "Moderate",
  "public_date" : "2026-05-12T15:17:56Z",
  "bugzilla" : {
    "description" : "tomcat-coyote: Apache Tomcat: Information disclosure due to HTTP Authentication Header exposure during WebSocket authentication.",
    "id" : "2476516",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2476516"
  },
  "cvss3" : {
    "cvss3_base_score" : "6.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-201",
  "details" : [ "Exposure of HTTP Authentication Header to unexpected hosts during WebSocket authentication vulnerability in Apache Tomcat.\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.2 through 9.0.117, from 8.5.24 through 8.5.100, from 7.0.83 through 7.0.109.\nUsers are recommended to upgrade to version 11.0.22, 10.1.55 or 9.0.118, which fix the issue. Note that the 8.5.x and 7.0.x branches are listed as affected but no fixed release is given for them.", "A flaw was found in Apache Tomcat. During WebSocket authentication, the HTTP authentication header carrying the client's credentials can be sent to hosts other than the one those credentials were intended for. This is an information disclosure: a party controlling one of those unexpected hosts can capture the credentials and may be able to reuse them to authenticate as the client against the intended server." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Hardened Images",
    "release_date" : "2026-05-05T00:00:00Z",
    "advisory" : "RHSA-2026:13745",
    "cpe" : "cpe:/a:redhat:hummingbird:1",
    "package" : "tomcat11-main-11.0.22-0.1.hum1"
  }, {
    "product_name" : "Red Hat Hardened Images",
    "release_date" : "2026-05-12T00:00:00Z",
    "advisory" : "RHSA-2026:16528",
    "cpe" : "cpe:/a:redhat:hummingbird:1",
    "package" : "tomcat10-main-10.1.55-1.hum1"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Certificate System 10",
    "fix_state" : "Under investigation",
    "package_name" : "redhat-pki:10/jss",
    "cpe" : "cpe:/a:redhat:certificate_system:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Fix deferred",
    "package_name" : "jss",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Fix deferred",
    "package_name" : "mod_proxy_cluster",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "jss",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "mod_proxy_cluster",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Fuse 7",
    "fix_state" : "Under investigation",
    "package_name" : "tomcat-coyote",
    "cpe" : "cpe:/a:redhat:jboss_fuse:7"
  }, {
    "product_name" : "Red Hat JBoss Core Services",
    "fix_state" : "Under investigation",
    "package_name" : "jbcs-httpd24-mod_cluster-native",
    "cpe" : "cpe:/a:redhat:jboss_core_services:1"
  }, {
    "product_name" : "Red Hat JBoss Core Services",
    "fix_state" : "Under investigation",
    "package_name" : "jbcs-httpd24-mod_proxy_cluster",
    "cpe" : "cpe:/a:redhat:jboss_core_services:1"
  }, {
    "product_name" : "Red Hat JBoss Enterprise Application Platform Expansion Pack",
    "fix_state" : "Under investigation",
    "package_name" : "tomcat-coyote",
    "cpe" : "cpe:/a:redhat:jbosseapxp"
  }, {
    "product_name" : "Red Hat JBoss Web Server 5",
    "fix_state" : "Under investigation",
    "package_name" : "jws5-mod_cluster",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_web_server:5"
  }, {
    "product_name" : "Red Hat JBoss Web Server 5",
    "fix_state" : "Under investigation",
    "package_name" : "tomcat-coyote",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_web_server:5"
  }, {
    "product_name" : "Red Hat JBoss Web Server 6",
    "fix_state" : "Under investigation",
    "package_name" : "jws6-mod_cluster",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_web_server:6"
  }, {
    "product_name" : "Red Hat JBoss Web Server 6",
    "fix_state" : "Affected",
    "package_name" : "tomcat-coyote",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_web_server:6"
  }, {
    "product_name" : "Red Hat OpenShift Dev Spaces",
    "fix_state" : "Fix deferred",
    "package_name" : "devspaces/server-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_devspaces:3"
  }, {
    "product_name" : "Red Hat Process Automation 7",
    "fix_state" : "Under investigation",
    "package_name" : "tomcat-coyote",
    "cpe" : "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
  }, {
    "product_name" : "Red Hat Single Sign-On 7",
    "fix_state" : "Under investigation",
    "package_name" : "tomcat-coyote",
    "cpe" : "cpe:/a:redhat:red_hat_single_sign_on:7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-42498\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-42498\nhttps://lists.apache.org/thread/n61zwf75jrv09rz90j4jssncm244bwdb" ],
  "name" : "CVE-2026-42498",
  "csaw" : false
}