Chapter 4. Security Fixes
This update includes fixes for the following security related issues:
ID | Impact | Summary |
---|---|---|
Important | hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used [jws-5] | |
Moderate | tomcat: Request mix-up with h2c [jws-5] | |
Low | Incomplete fix for CVE-2020-9484 (RCE via session persistence) [jws-5] |