Описание
The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | 4.1.31-4 |
| devel | DNE | |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 5.5.26-5ubuntu1 |
| gutsy | not-affected | 5.5.25-1ubuntu1 |
| hardy | not-affected | 5.5.25-5ubuntu1.1 |
| intrepid | not-affected | 5.5.26-3ubuntu3 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
2.6 Low
CVSS2
Связанные уязвимости
The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request.
The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request.
The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 th ...
EPSS
2.6 Low
CVSS2