Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2020-17527

Published: 3 December 2020

While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests.

Priority

Medium

Cvss 3 Severity Score

7.5

Score breakdown

Status

Package Release Status
tomcat8
Launchpad, Ubuntu, Debian
bionic Needed

focal Does not exist

groovy Does not exist

hirsute Does not exist

impish Does not exist

jammy Does not exist

kinetic Does not exist

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Not vulnerable
(code not present)
tomcat9
Launchpad, Ubuntu, Debian
bionic
Released (9.0.16-3ubuntu0.18.04.2)
focal
Released (9.0.31-1ubuntu0.2)
groovy Ignored
(reached end-of-life)
hirsute Not vulnerable

impish Not vulnerable

jammy Not vulnerable

kinetic Not vulnerable

precise Does not exist

trusty Does not exist

upstream
Released (9.0.40-1)
xenial Does not exist

Severity score breakdown

Parameter Value
Base score 7.5
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Scope Unchanged
Confidentiality High
Integrity impact None
Availability impact None
Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N