Re: [SECURITY][CORRECTION] CVE-2020-17527 Apache Tomcat HTTP/2 Request header mix-up

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Re: [SECURITY][CORRECTION] CVE-2020-17527 Apache Tomcat HTTP/2 Request header mix-up

markt
Please note the updated affected version information below.

Mark


On 03/12/2020 18:01, Mark Thomas wrote:
> CVE-2020-17527 Apache Tomcat HTTP/2 Request header mix-up
>
> Severity: Moderate
>
> Vendor: The Apache Software Foundation
>
> Versions Affected:
> Apache Tomcat 10.0.0-M1 to 10.0.0-M9
> Apache Tomcat 9.0.0.M5 to 9.0.39

This should be Apache Tomcat 9.0.0.M1 to 9.0.39

> Apache Tomcat 8.5.1 to 8.5.59

This should be Apache Tomcat 8.5.0 to 8.5.59


>
> Description:
> While investigating Bug 64830 it was discovered that Apache Tomcat could
>  re-use an HTTP request header value from the previous stream received
> on an HTTP/2 connection for the request associated with the subsequent
> stream. While this would most likely lead to an error and the closure of
> the HTTP/2 connection, it is possible that information could leak
> between requests.
>
> Mitigation:
> - Upgrade to Apache Tomcat 10.0.0-M10 or later
> - Upgrade to Apache Tomcat 9.0.40 or later
> - Upgrade to Apache Tomcat 8.5.60 or later
>
> Credit:
> This issue was identified by the Apache Tomcat Security Team.
>
> References:
> [1] http://tomcat.apache.org/security-10.html
> [2] http://tomcat.apache.org/security-9.html
> [3] http://tomcat.apache.org/security-8.html
>


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]