Uploaded image for project: 'Optimization Framework'
  1. Optimization Framework
  2. OPTFRA-480

Fix tomcat-embed-core vulnerability

    XMLWordPrintable

Details

    • Task
    • Status: Closed
    • High
    • Resolution: Done
    • None
    • Dublin Release
    • CMSO
    • None

    Description

      Investigate and fix the tomcat-embed-core package vulnerability. The CGI Servlet in Apache Tomcat is vulnerable to Remote Code Execution.

      Until a fixed version is installed, the vulnerability can be mitigated by setting the CGI Servlet initialization parameter enableCmdLineArguments to false.

      Closing since this has been identified to be a false positive - please see Jerry's comments.

      Attachments

        Issue Links

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              jf9860 Jerry Flood
              snarayanan Shankaranarayanan Puzhavakath Narayanan
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: