tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jayant Sane <>
Subject Question about a known security vulnerability
Date Thu, 08 Mar 2012 21:49:18 GMT


This is in regard to the security vulnerability "Tomcat WAR Deployment Directory Traversal
Flaw May Cause Files to Be Deleted" as detailed in
Per the above, versions 5.5.0-5.5.28, 6.0.0-6.0.20 and possibly earlier versions were affected. 
Question: Does this affect version 7.0.23 and/or has it been confirmed fixed for v7.0.23?

The website security test tool we use reports this issue being present even in Tomcat version
7.0.23 so wanted to know.  I
I was told that I cannot post this question to the email address meant for reporting undisclosed
security vulnerabilities and I understand. 
thanks in advance,Jayant 		 	   		  
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message