Recently the following vulnerability has been published:
https://nvd.nist.gov/vuln/detail/CVE-2025-24813
As far as I can see, the latest 2.4 and 2.5 use 10.1.34 which is affected.
Can we please upgrade this version?
Hi,
In Jmix 2.5.1 we are going to update to Spring Boot 3.4.3 - it uses tomcat 10.1.36 where this vulnerability is fixed.
Regards,
Ivan