Affected by CVE-2021-42340
|CVE||CVSS Base Score||GITSIR's Rating||Product Name||Affected Version|
|CVE-2021-42340||Not Available||Not Available||Apache Tomcat||Apache Tomcat 10.1.0-M1 to 10.1.0-M5
Apache Tomcat 10.0.0-M1 to 10.0.11
Apache Tomcat 9.0.40 to 9.0.53
Apache Tomcat 8.5.60 to 8.5.71
Release : 21.2
The solution is to upgrade tomcat to either :
User story US782605 has been created for upgrading Tomcat to 9.0.54. It will be part of 21.2.6 if no issues observed during testing.
Note : This document is published in Nov-2021, it will updated once the upgrade is done.