Patch 2025.1.5 / CVEs CVE-2025-55752 & CVE-2025-55754

Two vulnerabilities CVE-2025-55752 and CVE-2025-55754 have been disclosed, affecting the Tomcat Web Application Server.

A version of Tomcat is included in the INFOMOTION Data Management Center package and used for the containerized and standalone deployment options. We are now releasing an updated version 2024.2.13 of Data Management Center that includes a patched version of Apache Tomcat.

Please note that this patch only secures containerized or standalone DMC deployments. When deployed within a custom Tomcat installation, that installation should be patched as well.
(since 2025.1.4)

Container Image: infomotiondmc.azurecr.io/dmc@sha256:6297c90cb72a67bcb6b1c8b8537b9f5bc82ff326292b73363d5ced718dd1b800

WAR File : https://dmcwiki.blob.core.windows.net/dmc-releases/2025.1.5/dmc.war (sha256: 49402986017c752e665d4d674427bc8279a76c86d60521d311d9fb12c19d568a)