You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by "Hariprasad tammineni (Jira)" <ji...@apache.org> on 2020/10/13 08:58:00 UTC
[jira] [Created] (TOMEE-2909) Impact of security
vulnerability(CVE-2020-9484) on TOMEE plus (7.0.7)
Hariprasad tammineni created TOMEE-2909:
-------------------------------------------
Summary: Impact of security vulnerability(CVE-2020-9484) on TOMEE plus (7.0.7)
Key: TOMEE-2909
URL: https://issues.apache.org/jira/browse/TOMEE-2909
Project: TomEE
Issue Type: Bug
Reporter: Hariprasad tammineni
TomEE plus (7.0.7) is using Apache Tomcat 8.5.50 version. Can you confirm if TomEE plus (7.0.7) is impacted by [CVE-2020-9484|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9484]?
Apache Tomcat(8.5.51) addresses this vulnerability. Is there any scheduled release of TomEE plus(7.0.7) with this component ?
If impacted, can you please upgrade TOMEE plus(7.0.7) with fixed versions of Tomcat.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)