- Home
- CVEs with nessus.description==The version of Apache Tomcat installed on the remote host is 8.5.7
or later but prior to 8.5.11. It is, therefore, affected by an
information disclosure vulnerability in the nextRequest() function in
Http11InputBuffer.java due to improper limits of a ByteBuffer being
set. An unauthenticated, remote attacker can exploit this to disclose
ByteBuffer data associated with a different request.
Note that Nessus has not attempted to exploit this issue but has
instead relied only on the application's self-reported version number.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top