Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

ALASTOMCAT8.5-2023-010

Related Vulnerabilities: CVE-2020-17527   CVE-2021-24122  

While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests. (CVE-2020-17527) When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances. (CVE-2021-24122)

Source

ALASTOMCAT8.5-2023-010

Amazon Linux 2 Security Advisory: ALASTOMCAT8.5-2023-010
Advisory Release Date: 2023-08-21 20:58 Pacific
Advisory Updated Date: 2023-09-25 21:58 Pacific
Severity: Medium
Issue Overview:

While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests. (CVE-2020-17527)

When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances. (CVE-2021-24122)


Affected Packages:

tomcat


Issue Correction:
Run yum update tomcat to update your system.

New Packages:
noarch:
    tomcat-8.5.60-1.amzn2.noarch
    tomcat-admin-webapps-8.5.60-1.amzn2.noarch
    tomcat-docs-webapp-8.5.60-1.amzn2.noarch
    tomcat-javadoc-8.5.60-1.amzn2.noarch
    tomcat-jsvc-8.5.60-1.amzn2.noarch
    tomcat-jsp-2.3-api-8.5.60-1.amzn2.noarch
    tomcat-lib-8.5.60-1.amzn2.noarch
    tomcat-servlet-3.1-api-8.5.60-1.amzn2.noarch
    tomcat-el-3.0-api-8.5.60-1.amzn2.noarch
    tomcat-webapps-8.5.60-1.amzn2.noarch

src:
    tomcat-8.5.60-1.amzn2.src

Additional References

Red Hat: CVE-2020-17527, CVE-2021-24122

Mitre: CVE-2020-17527, CVE-2021-24122

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started