CVE-2017-5651

Priority
Description
In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring
of the HTTP connectors introduced a regression in the send file processing.
If the send file processing completed quickly, it was possible for the
Processor to be added to the processor cache twice. This could result in
the same Processor being used for multiple requests which in turn could
lead to unexpected errors and/or response mix-up.
Notes
Package
Upstream:released (8.5.11-2)
Ubuntu 16.04 ESM:not-affected
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:needs-triage
Ubuntu 14.04 ESM:DNE
Patches:
More Information

Updated: 2022-04-13 13:01:14 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)