Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Disabling tomcat Valve to prevent from Spring4Shell vulnerability (CVE-2022-22965). #2

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

kaushikjeet
Copy link

Disabling tomcat Valve to prevent from Spring4Shell vulnerability (CVE-2022-22965).

@CLAassistant
Copy link

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

@breadchris
Copy link

thanks for this! it is cool to see another way of preventing this vulnerability. Unfortunately we want this to stay an intentionally vulnerable application, so we don't want to prevent this from being able to be exploited lol

If you want to update the readme to propose this code snippet as a patch for the issue then I will accept this PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants