CVE-2020-17527

HIGH

Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39, 8.5.0 to 8.5.59 - HTTP/2 Header Re-use Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-17527. PoCs published by forse01.

AI-analyzed exploit summary: The repository appears to be a stub or incomplete PoC for CVE-2020-17527, containing only standard Tomcat configuration files and no exploit code. The README is empty, and no offensive techniques are present.

Description

While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests. The issue was fixed in Apache Tomcat 10.0.0-M10, 9.0.40 and 8.5.60. Because the defect is in HTTP/2 stream handling, only connectors that enable the HTTP/2 upgrade protocol are exposed; an affected version serving HTTP/1.1 only is not reachable through this bug.
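The affected ranges above are easy to get wrong in a version check because Tomcat milestone builds (10.0.0-M9, 9.0.0.M1) sort before the GA release of the same number, and because exposure also depends on whether HTTP/2 is actually enabled on a connector. The following triage script is an added example written for this page, not code from the page or from the Apache Tomcat project: it parses a Tomcat version string (as printed by bin/version.sh, a Server header or a download name) against the ranges in the description, and scans a server.xml for connectors carrying the Http2Protocol UpgradeProtocol element. The server.xml is a constructed sample, and the helper names (`parse_version`, `is_affected`, `http2_connectors`, `triage`) are this example's own.

```python
import re
import xml.etree.ElementTree as ET

# Added example, not code from the page or the Apache Tomcat project.
# Accepts '9.0.39', '10.0.0-M9', '9.0.0.M1', 'Apache Tomcat/8.5.59' and the
# 'Server number: 9.0.39.0' line printed by bin/version.sh.
VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:[-.]M(\d+))?(?:\.\d+)?")

HTTP2_CLASS = "org.apache.coyote.http2.Http2Protocol"


def parse_version(text):
    """Return a comparable tuple (major, minor, patch, is_ga, milestone).

    A milestone sorts before the GA release of the same number, so
    10.0.0-M9 -> (10, 0, 0, 0, 9) < 10.0.0 -> (10, 0, 0, 1, 0).
    """
    m = VERSION_RE.search(text)
    if m is None:
        raise ValueError(f"no Tomcat version found in {text!r}")
    major, minor, patch, milestone = m.groups()
    if milestone is None:
        return (int(major), int(minor), int(patch), 1, 0)
    return (int(major), int(minor), int(patch), 0, int(milestone))


# Inclusive ranges taken from the advisory text above.
AFFECTED_RANGES = [
    (parse_version("10.0.0-M1"), parse_version("10.0.0-M9")),
    (parse_version("9.0.0-M1"), parse_version("9.0.39")),
    (parse_version("8.5.0"), parse_version("8.5.59")),
]


def is_affected(text):
    """True if the version found in `text` falls inside an affected range."""
    v = parse_version(text)
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)


def http2_connectors(server_xml):
    """Return (port, protocol) for each Connector that enables HTTP/2.

    The bug lives in HTTP/2 stream handling, so a connector without the
    Http2Protocol UpgradeProtocol element does not expose it. Assumption:
    removing that element is an acceptable stop-gap until the upgrade.
    """
    root = ET.fromstring(server_xml)
    found = []
    for conn in root.iter("Connector"):
        upgrades = conn.findall("UpgradeProtocol")
        if any(u.get("className") == HTTP2_CLASS for u in upgrades):
            found.append((conn.get("port"), conn.get("protocol", "HTTP/1.1")))
    return found


def triage(version_text, server_xml):
    """Combine both checks: exposed only if affected AND HTTP/2 is enabled."""
    affected = is_affected(version_text)
    connectors = http2_connectors(server_xml)
    return {
        "version": parse_version(version_text),
        "affected": affected,
        "http2_connectors": connectors,
        "exposed": affected and bool(connectors),
    }


# Constructed sample server.xml: one plain HTTP/1.1 connector and one TLS
# connector with HTTP/2 enabled (modelled on the commented-out example that
# ships in the default server.xml).
SAMPLE_SERVER_XML = """
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000"/>
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               SSLEnabled="true" maxThreads="150">
      <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol"/>
      <SSLHostConfig>
        <Certificate certificateKeystoreFile="conf/localhost-rsa.jks" type="RSA"/>
      </SSLHostConfig>
    </Connector>
    <Engine name="Catalina" defaultHost="localhost">
      <Host name="localhost" appBase="webapps"/>
    </Engine>
  </Service>
</Server>
"""

if __name__ == "__main__":
    for banner in ("Apache Tomcat/9.0.39", "Server number: 10.0.0.0", "8.5.60"):
        print(banner, "->", triage(banner, SAMPLE_SERVER_XML))
```

The version tuple deliberately carries an `is_ga` flag rather than treating `-M9` as a fourth numeric component, which is what makes `10.0.0-M10` sort above the `10.0.0-M9` upper bound while `10.0.0` GA still sorts above every milestone. Note that a match on the version string alone is not enough: the script reports `exposed` only when an HTTP/2 connector is also present, which is the check that tells an operator whether an emergency HTTP/2 disable buys time or whether the instance was never reachable through this bug.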

Exploits (1)

nomisec STUB 2 stars
by forse01 · poc
https://github.com/forse01/CVE-2020-17527-Tomcat


Classification: Stub (90%)
Attack Type: Other
Complexity: Trivial
Reliability: Theoretical
Target: Apache Tomcat
No auth needed
Prerequisites: None identified
Analyzed by devstral-2 on Feb 16, 2026

References (24)

Core References
Mailing List, Third Party Advisory: http://www.openwall.com/lists/oss-security/2020/12/03/3
Mailing List, Third Party Advisory: https://lists.debian.org/debian-lts-announce/2020/12/msg00022.html
Third Party Advisory (Gentoo): https://security.gentoo.org/glsa/202012-23
Third Party Advisory (Debian): https://www.debian.org/security/2021/dsa-4835
Patch, Third Party Advisory: https://www.oracle.com/security-alerts/cpuApr2021.html
Third Party Advisory: https://security.netapp.com/advisory/ntap-20201210-0003/
Patch, Third Party Advisory: https://www.oracle.com//security-alerts/cpujul2021.html
Patch, Third Party Advisory: https://www.oracle.com/security-alerts/cpujan2022.html
Patch, Third Party Advisory: https://www.oracle.com/security-alerts/cpuapr2022.html

Scores

CVSS v3.1 base score: 7.5 (HIGH)
EPSS: 0.2462 (percentile 97.6%)
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE: CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor)
Status: published
Products (20)
apache/tomcat 9.0.0 milestone10 (23 CPE variants)
apache/tomcat 9.0.35-3.39.1
apache/tomcat 9.0.35-3.57.3
apache/tomcat 9.0.36
apache/tomcat 9.0.37
apache/tomcat 9.0.38
apache/tomcat 9.0.39
apache/tomcat 10.0.0 milestone1 (9 CPE variants)
apache/tomcat 8.5.1 - 8.5.59
debian/debian_linux 9.0
... and 10 more
Published Dec 03, 2020
Tracked Since Feb 18, 2026