On Mon, 2023-10-30 at 22:35 +0000, Marcelo Carvalho via FreeIPA-users wrote: > Hi Rob > > Thanks for helping out here. I was pulled sideways and I am > returning to this issue now. I am sorry. > > Vulnerability showing is "Apache Tomcat 9.0.0-M1 < 9.0.68 Request > Smuggling Vulnerability"
If this scanner gives you a CVE reference then look it up at https://access.redhat.com/security/cve/ If the vulnerability has been fixed in a backport, or if the scanner doesn't give you a CVE reference, then that is evidence that the scanner is garbage. -- Sam Morris <[email protected]> _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
