Description
The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote attackers to read portions of sensitive memory.
Remediation
References
Related Vulnerabilities
Grafana CVE-2022-39201 Vulnerability (CVE-2022-39201)
WordPress Plugin BJ Lazy Load Remote Code Execution (0.7.5)
XWiki Missing Authorization Vulnerability (CVE-2022-31167)
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.10)
WordPress Plugin BetterDocs-Best Documentation & Knowledge Base Cross-Site Scripting (1.8.4)