Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-r6j3-px5g-cq3x: Apache Tomcat Improper Input Validation vulnerability

Improper Input Validation vulnerability in Apache Tomcat.

Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially crafted, invalid trailer header could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy.

Users are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fix the issue.

ghsa
#vulnerability#apache#git#java#maven
  1. GitHub Advisory Database
  2. GitHub Reviewed
  3. CVE-2023-45648

Apache Tomcat Improper Input Validation vulnerability

Moderate severity GitHub Reviewed Published Oct 10, 2023 to the GitHub Advisory Database • Updated Oct 10, 2023

Package

maven org.apache.tomcat:tomcat (Maven)

Affected versions

>= 11.0.0-M1, < 11.0.0-M12

>= 10.1.0-M1, < 10.1.14

>= 9.0.0-M1, < 9.0.81

>= 8.5.0, < 8.5.94

Patched versions

11.0.0-M12

10.1.14

9.0.81

8.5.94

Published to the GitHub Advisory Database

Oct 10, 2023

Last updated

Oct 10, 2023

Related news

Ubuntu Security Notice USN-7106-1

Ubuntu Security Notice 7106-1 - It was discovered that Tomcat did not include the secure attribute for session cookies when using the RemoteIpFilter with requests from a reverse proxy. An attacker could possibly use this issue to leak sensitive information. It was discovered that Tomcat had a vulnerability in its FORM authentication feature, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks.

Red Hat Security Advisory 2024-4631-03

Red Hat Security Advisory 2024-4631-03 - Red Hat OpenShift Dev Spaces 3.15 has been released.

Red Hat Security Advisory 2023-6207-01

Red Hat Security Advisory 2023-6207-01 - Red Hat JBoss Web Server 5.7.6 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Issues addressed include an information leakage vulnerability.

Red Hat Security Advisory 2023-6206-01

Red Hat Security Advisory 2023-6206-01 - An update is now available for Red Hat JBoss Web Server 5.7.6 on Red Hat Enterprise Linux versions 7, 8, and 9. Issues addressed include an information leakage vulnerability.

Debian Security Advisory 5522-1

Debian Linux Security Advisory 5522-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.

CVE-2023-45648

Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially crafted, invalid trailer header could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fix the issue.

CVE-2016-8735: Apache Tomcat® - Apache Tomcat 9 vulnerabilities

Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types.

CVE-2016-6816: Apache Tomcat® - Apache Tomcat 9 vulnerabilities

The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own.