PT-2024-29259 · Undertow · Undertow

Name of the Vulnerable Software and Affected Versions: Undertow affected versions not specified Description: A flaw was found in Undertow, where an HTTP request header value from a previous stream may be incorrectly reused for a request associated with a subsequent stream on the same HTTP/2...

AZL-7384 CVE-2020-17527 affecting package tomcat 9.0.39-6

While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this...