Chapter 4. Security Fixes
This update includes fixes for the following security related issues:
| ID | Impact | Summary |
|---|---|---|
| Important | hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used [jws-5] | |
| Moderate | tomcat: Request mix-up with h2c [jws-5] | |
| Low | Incomplete fix for CVE-2020-9484 (RCE via session persistence) [jws-5] |
