7.5

CVSS Score

3.0

-

CVSS Score

Basic Information

CVE ID

CVE-2016-6817

GHSA ID

GHSA-698c-2x4j-g9gq

EPSS Score

0.64064%

CWE

CWE-119

Published

5/14/2022

Updated

10/15/2024

KEV Status

Technology

Java

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2016-6817

CVE-2016-6817: Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat

The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and 8.5.0 to 8.5.6 entered an infinite loop if a header was received that was larger than the available buffer. This made a denial of service attack possible.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2016-6817

CVE-2016-6817:

7.5

CVSS Score

3.0

-

CVSS Score

Basic Information

CVE ID

CVE-2016-6817

GHSA ID

GHSA-698c-2x4j-g9gq

EPSS Score

0.64064%

CWE

CWE-119

Published

5/14/2022

Updated

10/15/2024

KEV Status

Technology

Java

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.apache.tomcat:tomcat	maven	>= 9.0.0.M1, <= 9.0.0.M11	9.0.0.M12
org.apache.tomcat:tomcat	maven	>= 8.5.0, < 8.5.8	8.5.8

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The commit diff shows critical changes in Http2Parser.java's readHeaderPayload() method. The original implementation used a fixed 1024-byte buffer and a loop that subtracted 'payloadSize' without proper buffer expansion. This created an unreachable exit condition when headers exceeded buffer capacity. The patch introduces buffer expansion checks and dynamic resizing (via ByteBufferUtils.expand), confirming the vulnerability stemmed from improper buffer management in this function.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

7.5

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2016-6817: Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat

CVE-2016-6817:

7.5

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Technical Details

Basic Information

Basic Information

7.5

7.5

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2016-6817: Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI