In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could result in the same Processor being used for multiple requests which in turn could lead to unexpected errors and/or response mix-up.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 03:28
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html - | |
References | () http://www.securityfocus.com/bid/97544 - Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id/1038219 - | |
References | () https://bz.apache.org/bugzilla/show_bug.cgi?id=60918 - Issue Tracking, Patch | |
References | () https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E - | |
References | () https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E - | |
References | () https://lists.apache.org/thread.html/6694538826b87522fb723d2dcedd537e14ebe0a381d92e5525a531d8%40%3Cannounce.tomcat.apache.org%3E - | |
References | () https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E - | |
References | () https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E - | |
References | () https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E - | |
References | () https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E - | |
References | () https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E - | |
References | () https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E - | |
References | () https://security.gentoo.org/glsa/201705-09 - | |
References | () https://security.netapp.com/advisory/ntap-20180614-0001/ - |
07 Nov 2023, 02:49
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2017-04-17 16:59
Updated : 2024-11-21 03:28
NVD link : CVE-2017-5651
Mitre link : CVE-2017-5651
CVE.ORG link : CVE-2017-5651
JSON object : View
Products Affected
apache
- tomcat
CWE