You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and through 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request.
Additional Info Attack vector: NETWORK Attack complexity: LOW Confidentiality impact: HIGH Availability impact: NONE Remediation Upgrade Recommendation: 9.0.68
The text was updated successfully, but these errors were encountered:
Checkmarx (SCA): Vulnerable Package
Vulnerability: Read More about CVE-2021-25122
Checkmarx Project: AaronZhouYu/TotallySecureApp
Repository URL: https://github.com/AaronZhouYu/TotallySecureApp
Branch: main
Scan ID: d9fa6dd5-d23b-4436-b75a-41a016305f39
When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and through 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request.
Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: NONE
Remediation Upgrade Recommendation: 9.0.68
The text was updated successfully, but these errors were encountered: