tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Leon Rosenberg <>
Subject CVE-2010-4476 - is it fixed or not?
Date Thu, 10 Feb 2011 23:03:59 GMT

short question, I read in the
that a possible DoS attack vulnerability has been fixed in Request
Does that mean that CVE-2010-4476 is
a) not an issue with 6.0.32++
b) not an issue unless the app uses Double.parseDouble
c) probably not in issue in tomcat, at least until someone finds out it is.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message