[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

246852

 
 

909

 
 

194149

 
 

282

Paid content will be excluded from the download.


Download | Alert*
OVAL

CVE-2019-17569 -- tomcat7, tomcat9, tomcat8

ID: oval:org.secpod.oval:def:2005277Date: (C)2020-10-22   (M)2023-12-14
Class: VULNERABILITYFamily: unix




The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.

Platform:
Debian 10.x
Debian 9.x
Product:
tomcat7
tomcat8
tomcat9
Reference:
CVE-2019-17569
CVE    1
CVE-2019-17569
CPE    5
cpe:/o:debian:debian_linux:10.x
cpe:/a:apache:tomcat9
cpe:/o:debian:debian_linux:9.x
cpe:/a:apache:tomcat8
...

© SecPod Technologies