Apache Tomcat 10.1.8 Information Disclosure

The version of Apache Tomcat installed on the remote host is 8.5.88, 9.0.74, 10.1.8 or 11.0.0-M5. The fix for bug 66512 introduced a regression that was fixed as bug 66591. The regression meant that, if a response did not have any HTTP headers set, no AJP SENDHEADERS message would be sent which i...

Apache Tomcat 11.0.0-M1 < 11.0.0-M6

The version of Tomcat installed on the remote host is prior to 11.0.0-M6. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat11.0.0-m6security-11 advisory. - A regression in the fix for bug 66512 in Apache Tomcat 11.0.0-M5, 10.1.8, 9.0.74 and 8.5.88 meant that, ...

PT-2023-4472 · Apache +1 · Apache Tomcat +1

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 11.0.0-M5, 10.1.8, 9.0.74, and 8.5.88 Description: A regression in the fix for bug 66512 in Apache Tomcat meant that, if a response did not include any HTTP headers, no AJP SEND HEADERS message would be sent for the...