Apache Tomcat 10.1.8 Information Disclosure

The version of Apache Tomcat installed on the remote host is 8.5.88, 9.0.74, 10.1.8 or 11.0.0-M5. The fix for bug 66512 introduced a regression that was fixed as bug 66591. The regression meant that, if a response did not have any HTTP headers set, no AJP SENDHEADERS message would be sent which i...

Apache Tomcat 11.0.0-M5 Information Disclosure

The version of Apache Tomcat installed on the remote host is 8.5.88, 9.0.74, 10.1.8 or 11.0.0-M5. The fix for bug 66512 introduced a regression that was fixed as bug 66591. The regression meant that, if a response did not have any HTTP headers set, no AJP SENDHEADERS message would be sent which i...

Apache Tomcat 安全漏洞

Apache Tomcat is the United States Apache Apache Foundation of a lightweight Web application server. The program implements support for Servlets and JavaServer Page JSP. A security vulnerability exists in Apache Tomcat that stems from the presence of an information disclosure vulnerability...

PT-2023-4472 · Apache +1 · Apache Tomcat +1

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 11.0.0-M5, 10.1.8, 9.0.74, and 8.5.88 Description: A regression in the fix for bug 66512 in Apache Tomcat meant that, if a response did not include any HTTP headers, no AJP SEND HEADERS message would be sent for the...

Fixed in Apache Tomcat 8.5.89

Important: Information disclosure CVE-2023-34981 The fix for bug 66512 introduced a regression that was fixed as bug 66591. The regression meant that, if a response did not have any HTTP headers set, no AJP SENDHEADERS message would be sent which in turn meant that at least one AJP based proxy...