[jira] [Resolved] (RANGER-4421) Ranger - Upgrade Tomcat to 8.5.93/9.0.80 due to CVE-2023-41080

Pradeep Agrawal (Jira) Fri, 22 Sep 2023 00:14:57 -0700


     [ 
https://issues.apache.org/jira/browse/RANGER-4421?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Pradeep Agrawal resolved RANGER-4421.
-------------------------------------
    Resolution: Fixed

https://github.com/apache/ranger/commit/0b8eb1c15338de978adc5b80e92b39eb410d37d2

> Ranger - Upgrade Tomcat to 8.5.93/9.0.80 due to CVE-2023-41080
> --------------------------------------------------------------
>
>                 Key: RANGER-4421
>                 URL: https://issues.apache.org/jira/browse/RANGER-4421
>             Project: Ranger
>          Issue Type: Task
>          Components: Ranger
>            Reporter: Sanket Shelar
>            Assignee: Sanket Shelar
>            Priority: Major
>         Attachments: 0001-RANGER-4421.patch
>
>
> URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM 
> authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 
> 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 
> through 9.0.79 and from 8.5.0 through 8.5.92. The vulnerability is limited to 
> the ROOT (default) web application.
> CVSSv3 Score:- 6.1(Medium)
> [https://nvd.nist.gov/vuln/detail/CVE-2023-41080]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Resolved] (RANGER-4421) Ranger - Upgrade Tomcat to 8.5.93/9.0.80 due to CVE-2023-41080

Reply via email to