I’d like to know if the latest version of Tomcat 7 and Tomcat 8 are affected by CVE-2017-6056.
If so, when is the update to fix the vulnerability going to be released. I couldn’t find the reference on any of the vulnerabilities pages: https://tomcat.apache.org/security.html Thanks. PT