Sanket Shelar created RANGER-4421: ------------------------------------- Summary: Ranger - Upgrade Tomcat to 8.5.93/9.0.80 due to CVE-2023-41080 Key: RANGER-4421 URL: https://issues.apache.org/jira/browse/RANGER-4421 Project: Ranger Issue Type: Task Components: Ranger Reporter: Sanket Shelar Assignee: Sanket Shelar
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. The vulnerability is limited to the ROOT (default) web application. CVSSv3 Score:- 6.1(Medium) [https://nvd.nist.gov/vuln/detail/CVE-2023-41080] -- This message was sent by Atlassian Jira (v8.20.10#820010)