Description
Apache Tomcat 6.0.30 through 6.0.33 and 7.x before 7.0.22 does not properly perform certain caching and recycling operations involving request objects, which allows remote attackers to obtain unintended read access to IP address and HTTP header information in opportunistic circumstances by reading TCP data.
Remediation
References
Related Vulnerabilities
Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5383)
Cherokee Out-of-bounds Write Vulnerability (CVE-2019-20800)
WordPress Plugin PI Button includes Backdoor [Only if downloaded via the vendor website] (3.3.3)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-0211)