https://bz.apache.org/bugzilla/show_bug.cgi?id=65517
--- Comment #4 from Mikko Suonio <mikko.suo...@gmail.com> --- I would like Tomcat developers to state clearly that this is not a valid vulnerability. This would make it easier for Tomcat users to dismiss the issue detected by vulnerability analysis of their software. Also, it would be excellent, if you could communicate these inaccuracies to NIST NVD. This might help to correct the CVE description faster and reduce the impact to Tomcat users. If this is not possible, users could point NIST staff to the issue description on Tomcat site and forums, if available. Thank you for the quick response. I do not understand why Tomcat was associated with this CVE. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
