[jira] [Assigned] (TOMEE-2908) TomEE plus is affected by CVE-2020-7226 (BDSA-2020-2333) vulnerability

Jonathan Gallimore (Jira) Tue, 13 Oct 2020 02:00:20 -0700


     [ 
https://issues.apache.org/jira/browse/TOMEE-2908?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Jonathan Gallimore reassigned TOMEE-2908:
-----------------------------------------

    Assignee: Jonathan Gallimore

> TomEE plus is affected by CVE-2020-7226 (BDSA-2020-2333) vulnerability
> ----------------------------------------------------------------------
>
>                 Key: TOMEE-2908
>                 URL: https://issues.apache.org/jira/browse/TOMEE-2908
>             Project: TomEE
>          Issue Type: Bug
>            Reporter: Pardeep Kumar
>            Assignee: Jonathan Gallimore
>            Priority: Major
>
> TomEE plus version is using the *cryptacular-1.0.jar* which is affected by 
> vulnerability CVE-2020-7226 (BDSA-2020-2333) with a CVSS score of 6.5 which 
> causes denial-of-service (DoS) due to the mismanagement of system memory 
> resources.
> Please confirm if this vulnerability impacts version 7.0.7, 7.0.8, 7.1.2, and 
> 7.1.3?



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Assigned] (TOMEE-2908) TomEE plus is affected by CVE-2020-7226 (BDSA-2020-2333) vulnerability

Reply via email to