You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by "Guzman Castanedo (Jira)" <ji...@apache.org> on 2022/09/15 07:54:00 UTC
[jira] [Created] (TOMEE-4047) CVE-2022-29885 vulnerability on TomEE 7.0.9 version
Guzman Castanedo created TOMEE-4047:
---------------------------------------
Summary: CVE-2022-29885 vulnerability on TomEE 7.0.9 version
Key: TOMEE-4047
URL: https://issues.apache.org/jira/browse/TOMEE-4047
Project: TomEE
Issue Type: Bug
Affects Versions: 7.0.9
Reporter: Guzman Castanedo
Fix For: 7.0.10
Hello,
We are using TomEE 7.0.9 and we have found that this version is affected by CVE-2022-29885, because it uses internally tomcat 8.5.57.
The tomcat versions affected by this vulnerability are between 8.5.38 and 8.5.78.
It is planned to fix this issue on next TomEE 7.0 versions?
We have found the same problem in TomEE 7.1 version.
References:
* [https://nvd.nist.gov/vuln/detail/CVE-2022-29885]
Thank you very much.
Best regards.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)