https://bugzilla.redhat.com/show_bug.cgi?id=1857024
--- Comment #19 from Cedric Buissart 🐶 <cbuissar(a)redhat.com> ---
Statement:
Red Hat Certificate System 10.0 as well as Red Hat Enterprise Linux 8's
Identity Management, are using a vulnerable version of Tomcat, bundled into the
pki-servlet-engine component. However, there are no entry point for WebSockets,
and thus it is not possible to trigger the flaw in a supported setup. A future
update may fix the code.
--
You are receiving this mail because:
You are on the CC list for the bug.