Pardeep Kumar created TOMEE-2908:
------------------------------------
Summary: TomEE plus is affected by CVE-2020-7226 (BDSA-2020-2333)
vulnerability
Key: TOMEE-2908
URL: https://issues.apache.org/jira/browse/TOMEE-2908
Project: TomEE
Issue Type: Bug
Reporter: Pardeep Kumar
TomEE plus version is using the *cryptacular-1.0.jar* which is affected by
vulnerability CVE-2020-7226 (BDSA-2020-2333) with a CVSS score of 6.5 which
causes denial-of-service (DoS) due to the mismanagement of system memory
resources.
Please confirm if this vulnerability impacts version 7.0.7, 7.0.8, 7.1.2, and
7.1.3?
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
