On 5/17/2011 5:46 AM, Mark Thomas wrote:
CVE-2011-1582 Apache Tomcat security constraint bypass
Description:
An error in the fixes for CVE-2011-1088/CVE-2011-1183 meant that
security constraints configured via annotations were ignored on the
first request to a Servlet. Subsequent requests were s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE-2011-1582 Apache Tomcat security constraint bypass
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
- - Tomcat 7.0.12-7.0.13
- - Earlier versions are not affected
Description:
An error in the fixes for CVE-2011-1088