Uploaded image for project: 'TomEE'
  1. TomEE
  2. TOMEE-2909

Impact of security vulnerability(CVE-2020-9484) on TOMEE plus (7.0.7)

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 7.0.9
    • None
    • None

    Description

      TomEE plus (7.0.7) is using Apache Tomcat 8.5.50 version. Can you confirm if TomEE plus (7.0.7) is impacted by CVE-2020-9484 or BDSA-2020-1193?

      Solution - (Copied from BDSA record)
      Fixed in 10.0.0.M5 by this commit.

      The latest stable releases can be found here.

      http://tomcat.apache.org/security-10.html

      Advisories

      If impacted, can you please upgrade TOMEE plus(7.0.7) with fixed versions of Tomcat ?

      Attachments

        Activity

          People

            jgallimore Jonathan Gallimore
            tamminenih1261 Hariprasad tammineni
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: