← Back to CVE List

CVE-2021-25122

Published: 2021-03-01T12:15Z
Last Modified: 2024-11-21T05:54Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt