Revvity Signals, in partnership with Spotfire, is aware of a critical vulnerability (CVE-2025-24813) that has been identified in certain versions of Apache Tomcat. This vulnerability may allow remote attackers to execute arbitrary code or cause a denial of service (DoS) on affected systems.
To mitigate this vulnerability, update Tomcat by following the steps below:
Upgrading Apache Tomcat in Spotfire Server 14
- Users of Spotfire 14 and higher should upgrade to Apache Tomcat 10.1.35 or higher
- Users of Spotfire 12 and higher should upgrade to Apache Tomcat 9.0.99 or higher