AVG-25 log

Package tomcat8
Status Fixed
Severity Medium
Type proxy injection
Affected 8.0.36-1
Fixed 8.0.37-1
Current 8.5.100-1 [extra]
Ticket None
Created Wed Sep 21 11:36:29 2016
Issue Severity Remote Type Description
CVE-2016-5388 Medium Yes Proxy injection
It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which...
Date Advisory Package Type
07 Sep 2016 ASA-201609-7 tomcat8 proxy injection