WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2011-3375 Vulnerability in maven package org.apache.tomcat:coyote

Description

Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.

Remediation

References

http://tomcat.apache.org/security-6.html

http://tomcat.apache.org/security-7.html

http://www.debian.org/security/2012/dsa-2401

Related Vulnerabilities

CVE-2013-4942 Vulnerability in npm package yui

CVE-2022-46686 Vulnerability in maven package io.jenkins.plugins:custom-build-properties

CVE-2017-4971 Vulnerability in maven package org.springframework.webflow:spring-webflow

CVE-2023-24441 Vulnerability in maven package org.jvnet.hudson.plugins:mstest

CVE-2019-17566 Vulnerability in maven package org.apache.xmlgraphics:batik-svgrasterizer

Severity

Critical

Classification

CWE-200

Tags

Vendor Advisory