Spring4Shell-POC icon indicating copy to clipboard operation
Spring4Shell-POC copied to clipboard
verified publisher icon lunasec-io

Disabling tomcat Valve to prevent from Spring4Shell vulnerability (CVE-2022-22965).

Open kaushikjeet opened this issue 3 years ago • 2 comments

Disabling tomcat Valve to prevent from Spring4Shell vulnerability (CVE-2022-22965).

kaushikjeet avatar Apr 06 '22 13:04 kaushikjeet

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

CLAassistant avatar Apr 06 '22 13:04 CLAassistant

thanks for this! it is cool to see another way of preventing this vulnerability. Unfortunately we want this to stay an intentionally vulnerable application, so we don't want to prevent this from being able to be exploited lol

If you want to update the readme to propose this code snippet as a patch for the issue then I will accept this PR.

breadchris avatar Apr 19 '22 01:04 breadchris