We have 9.9.1 LTS deployed using the zip. It has Tomcat 9.0.74 embedded. However this Tomcat version has a few vulnerability issues. Is there any plan to upgrade the embedded Tomcat with any future 9.9.x or 10.x releases? Thanks
Hi,
I’ve unlisted your topic since you’re reporting a vulnerability. Our responsible disclosure policy asks that you email security@sonarsource.com rather than making public posts. But I’ll let them know about this thread.
Ann