Updated tomcat packages fix security vulnerabilities
Publication date: 27 Nov 2024Modification date: 27 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-52316 , CVE-2024-52318
Description
Authentication bypass when using Jakarta Authentication API.
(CVE-2024-52316)
Incorrect JSP tag recycling leads to XSS. (CVE-2024-52318)
References
SRPMS
9/core
- tomcat-9.0.97-1.mga9