Upgrade Tomcat to fix CVE-2023-34981

XMLWordPrintable

    • 7
    • Severity 2 - Major
    • 4

      Issue Summary

      Apache Tomcat should be upgraded to 9.0.75+ or a later version to fix CVE-2023-34981

      Bamboo is not vulnerable to this issue as it does not bundle Apache Tomcat 9.0.74 on any of its releases.

      This is an informational ticket to inform customers about the underlying CVE.

      Environment

      • Bamboo 9

      Steps to Reproduce

      • Check the Apache Tomcat version on pom.xml or <bamboo-install>/bin/version.sh/bat

      Expected Results

      • Bamboo 9.x: apache-tomcat 9.0.75 or later

      Actual Results

      • Bamboo 9.x: apache-tomcat 9.0.74

            Assignee:
            Unassigned
            Reporter:
            Eduardo Alvarenga (Inactive)
            Votes:
            2 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: