Shulou(Shulou.com)05/31 Report--

This article mainly explains "what to do when there is a security loophole in Tomcat". The content in the article is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn "what to do when there is a security vulnerability in Tomcat".

In order to avoid the above vulnerabilities, there are two upgrade schemes:

Upgrade the Spring Boot version directly.

Manually upgrade the Tomcat version.

Upgrade Spring Cloud Edgware / Spring Boot 1.5.x

Edgware cannot resolve the problem by upgrading the Spring Boot version.

8.5.56

Org.apache.tomcat.embed

Tomcat-embed-core

${tomcat-embed.version}

Org.apache.tomcat.embed

Tomcat-embed-el

${tomcat-embed.version}

Org.apache.tomcat.embed

Tomcat-embed-websocket

${tomcat-embed.version}

Org.apache.tomcat

Tomcat-annotations-api

${tomcat-embed.version}

Upgrade Spring Cloud Finchley / Spring Boot 2.0.x

Finchley cannot resolve the problem by upgrading the Spring Boot version.

8.5.56

Org.apache.tomcat.embed

Tomcat-embed-core

${tomcat-embed.version}

Org.apache.tomcat.embed

Tomcat-embed-el

${tomcat-embed.version}

Org.apache.tomcat.embed

Tomcat-embed-websocket

${tomcat-embed.version}

Upgrade Spring Cloud Greenwich / Spring Boot 2.1.x1. Upgrade Spring Boot

Org.springframework.boot

Spring-boot-starter-parent

2.1.15.RELEASE

two。 Upgrade Tomcat

9.0.36

Org.apache.tomcat.embed

Tomcat-embed-core

${tomcat-embed.version}

Org.apache.tomcat.embed

Tomcat-embed-el

${tomcat-embed.version}

Org.apache.tomcat.embed

Tomcat-embed-websocket

${tomcat-embed.version}

Upgrade Spring Cloud Hoxton / Spring Boot 2.2.x1. Upgrade Spring Boot

Org.springframework.boot

Spring-boot-starter-parent

2.2.8.RELEASE

two。 Upgrade Tomcat

9.0.36

Org.apache.tomcat.embed

Tomcat-embed-core

${tomcat-embed.version}

Org.apache.tomcat.embed

Tomcat-embed-el

${tomcat-embed.version}

Org.apache.tomcat.embed

Tomcat-embed-websocket

${tomcat-embed.version}

Upgrade Spring Boot 2.3.x1. Upgrade Spring Boot

Org.springframework.boot

Spring-boot-starter-parent

2.3.1.RELEASE

two。 Upgrade Tomcat

9.0.36

Org.apache.tomcat.embed

Tomcat-embed-core

${tomcat-embed.version}

Org.apache.tomcat.embed

Tomcat-embed-websocket

${tomcat-embed.version}

Thank you for your reading, the above is the content of "what to do with security vulnerabilities in Tomcat". After the study of this article, I believe you have a deeper understanding of how to do security vulnerabilities in Tomcat, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.