Search for packages
| purl | pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@7.0.9 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-p378-4jg4-aaam
Aliases: CVE-2016-8745 GHSA-w3j5-q8f2-3cqq |
Information Exposure A bug in the error handling of the NIO HTTP connector in Apache Tomcat resulted in the current Processor object being added to the Processor cache multiple times. This in turn meant that the same Processor could be used for concurrent requests. Sharing a Processor can result in information leakage. |
Affected by 22 other vulnerabilities. Affected by 18 other vulnerabilities. Affected by 43 other vulnerabilities. Affected by 39 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2024-09-17T22:40:52.539351+00:00 | GitLab Importer | Affected by | VCID-p378-4jg4-aaam | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2016-8745.yml | 34.0.1 |
| 2024-01-03T18:03:16.040227+00:00 | GitLab Importer | Affected by | VCID-p378-4jg4-aaam | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.tomcat.embed/tomcat-embed-core/CVE-2016-8745.yml | 34.0.0rc1 |