vulnerability
Huawei EulerOS: CVE-2016-8745: tomcat security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | Aug 10, 2017 | Jan 18, 2018 | May 5, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Aug 10, 2017
Added
Jan 18, 2018
Modified
May 5, 2025
Description
A bug was discovered in the error handling of the send file code for the NIO HTTP connector. This led to the current Processor object being added to the Processor cache multiple times allowing information leakage between requests including, and not limited to, session ID and the response body.
Solutions
huawei-euleros-2_0_sp2-upgrade-tomcathuawei-euleros-2_0_sp2-upgrade-tomcat-admin-webappshuawei-euleros-2_0_sp2-upgrade-tomcat-el-2.2-apihuawei-euleros-2_0_sp2-upgrade-tomcat-jsp-2.2-apihuawei-euleros-2_0_sp2-upgrade-tomcat-libhuawei-euleros-2_0_sp2-upgrade-tomcat-servlet-3.0-apihuawei-euleros-2_0_sp2-upgrade-tomcat-webapps
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.