admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2021/25xxx/CVE-2021-25122.json

137 lines
6.3 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2021-01-14 17:02:20 +00:00
{
"CVE_data_meta": {
Two Tomcat issues public
2021-03-01 11:55:21 +00:00
"ASSIGNER": "security@apache.org",
"-Synchronized-Data."
2021-01-14 17:02:20 +00:00
"ID": "CVE-2021-25122",
Two Tomcat issues public
2021-03-01 11:55:21 +00:00
"STATE": "PUBLIC",
"TITLE": "Apache Tomcat h2c request mix-up"
"-Synchronized-Data."
2021-01-14 17:02:20 +00:00
},
Two Tomcat issues public
2021-03-01 11:55:21 +00:00
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Tomcat",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "Apache Tomcat 10",
"version_value": "10.0.2"
},
{
"version_affected": "<",
"version_name": "Apache Tomcat 9",
"version_value": "9.0.42"
},
{
"version_affected": "<",
"version_name": "Apache Tomcat 8.5",
"version_value": "8.5.62"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"-Synchronized-Data."
2021-01-14 17:02:20 +00:00
"description": {
"description_data": [
{
"lang": "eng",
Two Tomcat issues public
2021-03-01 11:55:21 +00:00
"value": "When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request."
"-Synchronized-Data."
2021-01-14 17:02:20 +00:00
}
]
Two Tomcat issues public
2021-03-01 11:55:21 +00:00
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"-Synchronized-Data."
2021-03-01 13:00:49 +00:00
"refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7%40%3Cannounce.tomcat.apache.org%3E",
"name": "https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7%40%3Cannounce.tomcat.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[tomcat-announce] 20210301 [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up",
"url": "https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.tomcat.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[tomcat-users] 20210301 [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up",
"url": "https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cusers.tomcat.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[tomcat-dev] 20210301 [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up",
"url": "https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cdev.tomcat.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[tomcat-dev] 20210301 svn commit: r1887027 - in /tomcat/site/trunk: docs/security-10.html docs/security-7.html docs/security-8.html docs/security-9.html xdocs/security-10.xml xdocs/security-7.xml xdocs/security-8.xml xdocs/security-9.xml",
"url": "https://lists.apache.org/thread.html/rf6d5d57b114678d8898005faef31e9fd6d7c981fcc4ccfc3bc272fc9@%3Cdev.tomcat.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[announce] 20210301 [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up",
"url": "https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7@%3Cannounce.apache.org%3E"
"-Synchronized-Data."
2021-03-01 16:00:43 +00:00
},
{
"refsource": "MLIST",
"name": "[oss-security] 20210301 CVE-2021-25122: Apache Tomcat h2c request mix-up",
"url": "http://www.openwall.com/lists/oss-security/2021/03/01/1"
"-Synchronized-Data."
2021-03-05 10:00:44 +00:00
},
{
"refsource": "MLIST",
"name": "[tomcat-users] 20210305 RE: [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up",
"url": "https://lists.apache.org/thread.html/rcd90bf36b1877e1310b87ecd14ed7bbb15da52b297efd9f0e7253a3b@%3Cusers.tomcat.apache.org%3E"
"-Synchronized-Data."
2021-03-05 12:00:44 +00:00
},
{
"refsource": "MLIST",
"name": "[tomcat-users] 20210305 Re: [SECURITY] CVE-2021-25122 Apache Tomcat h2c request mix-up",
"url": "https://lists.apache.org/thread.html/rd0463f9a5cbc02a485404c4b990f0da452e5ac5c237808edba11c947@%3Cusers.tomcat.apache.org%3E"
"-Synchronized-Data."
2021-03-16 08:00:42 +00:00
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210316 [SECURITY] [DLA 2596-1] tomcat8 security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00018.html"
"-Synchronized-Data."
2021-04-09 09:00:40 +00:00
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20210409-0002/",
"url": "https://security.netapp.com/advisory/ntap-20210409-0002/"
"-Synchronized-Data."
2021-04-15 00:00:45 +00:00
},
{
"refsource": "DEBIAN",
"name": "DSA-4891",
"url": "https://www.debian.org/security/2021/dsa-4891"
Two Tomcat issues public
2021-03-01 11:55:21 +00:00
}
]
},
"source": {
"discovery": "UNKNOWN"
"-Synchronized-Data."
2021-01-14 17:02:20 +00:00
}
"-Synchronized-Data."
2021-03-01 13:00:49 +00:00
}
Reference in New Issue Copy Permalink