Do your applications use this vulnerable package?
20 Aug 2019
18 Jun 2013
How to fix?
org.apache.tomcat:catalina to version 6.0.39 or higher.
org.apache.tomcat:catalina is a Servlet Engine Core Classes and Standard implementations.
Affected versions of this package are vulnerable to Frame injection. Tomcat 6 is built with Java 5 which is known to generate Javadoc with a frame injection vulnerability.