Apache Tomcat – CVE-2021-25329 Incomplete fix for CVE-2020-9484 (RCE via session persistence)
The fix for CVE-2020-9484 was incomplete. When using a highly unlikely configuration edge case, the Tomcat instance was still vulnerable
Read MoreThe fix for CVE-2020-9484 was incomplete. When using a highly unlikely configuration edge case, the Tomcat instance was still vulnerable
Read More