On 15/11/2017 19:05, Jason Liebig wrote:
> Hello, We are running Tomcat version 8.0.33 and we see numerous
> vulnerabilities from a scan of our companies MSI files related to
> vulnerabilities in Tomcat 8.0.33. We have found CVE's such as
> CVE-2016-3092 and CVE-2016-1240 we are trying to find out if Windows
> Server is affected or if these are exclusive to Linux. Can you
> confirm or point me in the direction of documentation that could help
> us identify if certain CVE's are affecting Windows 2016? Thanks.


CVE-2016-3092 - Windows is affected.

CVE-2016-1240 - This was a vulnerability in a subset of Linux
distributions. Windows was not affected. Nor was any distribution
obtained directly from the ASF.


To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to