Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:29537
HistoryMar 02, 2021 - 3:14 a.m.

Information Disclosure

2021-03-0203:14:43
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17
tomcat-coyote
vulnerability
information leakage
request mix-up
h2c connection
request headers
request body

EPSS

0.002

Percentile

60.0%

tomcat-coyote is vulnerable to information leakage. When responding to new h2c connection requests, a request mix-up occurs with h2c as the request headers and a limited amount of request body is duplicated from one request to another, resulting in the request being seen by another user.

References