AVG-25 log
| Package | tomcat8 |
| Status | Fixed |
| Severity | Medium |
| Type | proxy injection |
| Affected | 8.0.36-1 |
| Fixed | 8.0.37-1 |
| Current | 8.5.100-2 [extra] |
| Ticket | None |
| Created | Wed Sep 21 11:36:29 2016 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2016-5388 | Medium | Yes | Proxy injection | It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 07 Sep 2016 | ASA-201609-7 | tomcat8 | proxy injection |