java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available.
Tomcat
Apache
Information Disclosure
Java
NVD
CVSS 2.0
2.6
EPSS
8.4%