suse · CVE-2016-8747

Quick triage

Priority: medium 公開: 2021-05-30 13:47:08 UTC Updated: 2026-04-18 15:57:08 UTC

参照: Official suse advisory, NVD, CVE.org · CVE 詳細

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2016-8747 severity moderate: SUSE including 12 source package names (tomcat, tomcat-admin-webapps, …), 27 product×package rows across 3 product lines (SUSE Linux Enterprise Server 12 SP1, SUSE Linux Enterprise Server 12 SP2, SUSE Linux Enterprise Server 12-LTSS): Known Not Affected 27.

Description:

An information disclosure issue was discovered in Apache Tomcat 8.5.7 to 8.5.9 and 9.0.0.M11 to 9.0.0.M15 in reverse-proxy configurations. Http11InputBuffer.java allows remote attackers to read data that was intended to be associated with a different request.

cvelogic Threat Intelligence