Apache Tomcat CVE-2011-1475 Input Validation Bypass Vulnerability

Description

Changes introduced to the HTTP BIO connector to support Servlet 3.0 asynchronous requests did not fully account for HTTP pipelining. As a result, when HTTP pipelining was used, a range of unexpected behaviours occurred, including the mixing up of responses between requests. While the mix-up in responses was only observed between requests from the same user, a mix-up of responses for requests from different users may also be possible.

Affected Applications

Apache Tomcat

CVE References

CVE-2011-1475