Description
java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for other applications in opportunistic circumstances via an application that records the requests that it processes.
Remediation
References
Related Vulnerabilities
MySQL CVE-2018-2784 Vulnerability (CVE-2018-2784)
WordPress Plugin Database for Contact Form 7, WPforms, Elementor forms Cross-Site Scripting (1.2.0)
MySQL Numeric Errors Vulnerability (CVE-2016-2105)
WordPress Plugin Donation Block For PayPal Unspecified Vulnerability (1.0.0)
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2023-0401)