An information disclosure issue exists in Apache Tomcat 8.5.7 to 8.5.9 and 9.0.0.M11 to 9.0.0.M15 in reverse-proxy configurations. Http11InputBuffer.java allows remote malicious users to read data that was intended to be associated with a different request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache tomcat 8.5.9 |
||
apache tomcat 8.5.7 |
||
apache tomcat 8.5.8 |
||
apache tomcat 9.0.0 |