Description

While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests.

Remediation

References

CVE-2020-17527

Related Vulnerabilities

WordPress Plugin iThemes Security (formerly Better WP Security) Cross-Site Scripting (3.2.4)

WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.27)

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6333)

PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-7002)

MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2020-35625)

Severity

High

Classification

CVE-2020-17527 CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities