Database Install/Upgrade/Opatch (MOSC)

MOSC Banner

How to find a suitable patch for reported vulnerabilities in Apache Tomcat?

edited Jun 20, 2024 9:14AM in Database Install/Upgrade/Opatch (MOSC) Question

Hi,
I have successfully installed the following patches for Oracle Database 19c on Windows Server 2019 x64:
Windows Bundle Patch 36219938
OJVM 36199232


However, the vulnerabilities are still reported in the following component:

Apache Tomcat 8.5.0.0
"ORACLE_HOME\suptools\tfa\release\tfa_home\tomcat\lib\tomcat-juli.jar"

Here's a couple of the many CVEs related to tomcat-juli.jar:
CVE-2023-44487, CVE-2018-11784, CVE-2017-12617, CVE-2020-1938, CVE-2019-0232, CVE-2019-0199

But no information how to fix it :-(

Please, how can I find the necessary patch for the mentioned component?
Thank you.

Howdy, Stranger!

Log In

To view full details, sign in to My Oracle Support Community.

Register

Don't have a My Oracle Support Community account? Click here to get started.

Category Leaderboard

Top contributors this month

New to My Oracle Support Community? Visit our Welcome Center

MOSC Help Center