AVG-23

Package tomcat7
Status Fixed
Severity Medium
Type proxy injection
Affected 7.0.70-1
Fixed 7.0.72-1
Current 7.0.82-1 [extra]
Ticket None
Created Tue Sep 20 21:01:46 2016
Issue Severity Remote Type Description
CVE-2016-5388 Medium Yes Proxy injection
It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which...
Date Advisory Package Description
22 Sep 2016 ASA-201609-21 tomcat7 proxy injection