|166906||Apache Tomcat 9.0.0-M1 < 9.0.68 Request Smuggling Vulnerability
Path : /spectrum/webtomcat/bin/
Installed version : 9.0.65 >>> should be 9.0.68
|166316||Oracle Java SE Multiple Vulnerabilities (October 2022 CPU)
Path : /spectrum/Install-Tools/jre11/
Installed version : 11.0.16 >>> should be 11.0.17
When is it planned to remediate the above findings?
Release : 22.2
Apache Tomcat 9.0.68 (US852890) is currently slated for Spectrum in NetOps 22.2.4.
While Spectrum still uses Java 8, there is a small part that uses Java 11. NetOps plans to upgrade to AdoptOpenJDK 11.0.17+8 (F129633) for the 22.2.5 release.