AVG-23 log
| Package | tomcat7 |
| Status | Fixed |
| Severity | Medium |
| Type | proxy injection |
| Affected | 7.0.70-1 |
| Fixed | 7.0.72-1 |
| Current | Removed |
| Ticket | None |
| Created | Tue Sep 20 21:01:46 2016 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2016-5388 | Medium | Yes | Proxy injection | It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 22 Sep 2016 | ASA-201609-21 | tomcat7 | proxy injection |