Apache Tomcat CVE-2016-8747 Information Disclosure Vulnerability
Description
The refactoring to make wider use of ByteBuffer introduced a regression that could cause information to leak between requests on the same connection. When running behind a reverse proxy, this could result in information leakage between users. All HTTP connector variants are affected but HTTP/2 and AJP are not affected.
Affected Applications
Apache Tomcat