AVG-25

Package tomcat8
Status Fixed
Severity Medium
Type proxy injection
Affected 8.0.36-1
Fixed 8.0.37-1
Current 8.0.47-1 [extra]
Ticket None
Created Wed Sep 21 11:36:29 2016
Issue Severity Remote Type Description
CVE-2016-5388 Medium Yes Proxy injection
It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which...
Date Advisory Package Description
07 Sep 2016 ASA-201609-7 tomcat8 proxy injection