Re: CVE-2024-50379 Apache Tomcat - RCE via write-enabled default servlet

2024-12-19 Thread Thiru
I truly appreciate your swift response, Mark. Thank you so much!

On Thu, Dec 19, 2024 at 4:23 PM Mark Thomas wrote:
> On 19/12/2024 10:49, Thiru wrote:
> > Hello There,
> >
> > Good day!
> >
> > Could you kindly help clarify the following regarding CVE-2024-50379?
> >
> > In the default Tomcat

Re: CVE-2024-50379 Apache Tomcat - RCE via write-enabled default servlet

2024-12-19 Thread Mark Thomas
On 19/12/2024 10:49, Thiru wrote:

Hello There,

Good day!

Could you kindly help clarify the following regarding CVE-2024-50379?

In the default Tomcat setup, the readonly initialization parameter of the DefaultServlet is not write-enabled, even for a case-insensitive file system (Reference: http

RE: CVE-2024-50379 Apache Tomcat - RCE via write-enabled default servlet

2024-12-19 Thread Thiru
Hello There,

Good day!

Could you kindly help clarify the following regarding CVE-2024-50379?

In the default Tomcat setup, the readonly initialization parameter of the DefaultServlet is not write-enabled, even for a case-insensitive file system (Reference: https://tomcat.apache.org/tomcat-9.0-doc

[SECURITY] CVE-2024-50379 Apache Tomcat - RCE via write-enabled default servlet

2024-12-17 Thread Mark Thomas
CVE-2024-50379 Apache Tomcat - RCE via write-enabled default servlet

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
Apache Tomcat 11.0.0-M1 to 11.0.1
Apache Tomcat 10.1.0-M1 to 10.1.33
Apache Tomcat 9.0.0.M1 to 9.0.97

Description:
If the default servlet is write