[ https://issues.apache.org/jira/browse/RANGER-4421?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pradeep Agrawal updated RANGER-4421: ------------------------------------ Fix Version/s: 3.0.0 > Ranger - Upgrade Tomcat to 8.5.93/9.0.80 due to CVE-2023-41080 > -------------------------------------------------------------- > > Key: RANGER-4421 > URL: https://issues.apache.org/jira/browse/RANGER-4421 > Project: Ranger > Issue Type: Task > Components: Ranger > Reporter: Sanket Shelar > Assignee: Sanket Shelar > Priority: Major > Fix For: 3.0.0 > > Attachments: 0001-RANGER-4421.patch > > > URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM > authentication feature Apache Tomcat.This issue affects Apache Tomcat: from > 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 > through 9.0.79 and from 8.5.0 through 8.5.92. The vulnerability is limited to > the ROOT (default) web application. > CVSSv3 Score:- 6.1(Medium) > [https://nvd.nist.gov/vuln/detail/CVE-2023-41080] -- This message was sent by Atlassian Jira (v8.20.10#820010)