CVE-2021-33037
maven/org.apache.tomcat/tomcat-coyote
Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling)
Apache Tomcat does not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy.
All versions starting from 8.5.0 before 8.5.68, all versions starting from 9.0.0 before 9.0.48, all versions starting from 10.0.0 before 10.0.7
Upgrade to versions 8.5.68, 9.0.48, 10.0.7 or above.
2021-07-16
source |