Guzman Castanedo created TOMEE-4047:
---------------------------------------
Summary: CVE-2022-29885 vulnerability on TomEE 7.0.9 version
Key: TOMEE-4047
URL: https://issues.apache.org/jira/browse/TOMEE-4047
Project: TomEE
Issue Type: Bug
Affects Versions: 7.0.9
Reporter: Guzman Castanedo
Fix For: 7.0.10
Hello,
We are using TomEE 7.0.9 and we have found that this version is affected by
CVE-2022-29885, because it uses internally tomcat 8.5.57.
The tomcat versions affected by this vulnerability are between 8.5.38 and
8.5.78.
It is planned to fix this issue on next TomEE 7.0 versions?
We have found the same problem in TomEE 7.1 version.
References:
* [https://nvd.nist.gov/vuln/detail/CVE-2022-29885]
Thank you very much.
Best regards.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)