SUSE-SU-2023:4423-1 -- SLES tomcatID: oval:org.secpod.oval:def:89051096 | Date: (C)2024-01-23 (M)2024-06-24 |
Class: PATCH | Family: unix |
This update for tomcat fixes the following issues: * CVE-2023-42795: Fixed a potential information leak due to insufficient cleanup . * CVE-2023-45648: Fixed a request smuggling issue due to an incorrect parsing of HTTP trailer headers . * CVE-2023-41080: Fixed URL Redirection to Untrusted Site vulnerability in FORM authentication feature .
Platform: |
SUSE Linux Enterprise Server 15 SP1 |