Just to confirm - I saw you incorporated fixes for that CVE into recent Tomcats.
Is there a setting in Server or Web.xml for these or do they need to be set programmatically within an application using the functions in Commons-FileUpload? Abt
- CVE2023-24998 configuration A Name
- Re: CVE2023-24998 configuration Mark Thomas
