leon8693 opened a new issue, #8531: URL: https://github.com/apache/rocketmq/issues/8531
### Is Your Feature Request Related to a Problem? 公司安全扫描出Rocketmq 5.3.0 最新版本中有tomcat-embed-core-8.5.46.jar 属于漏洞范围 详细信息如下 tomcat-embed-core 安装包路径: /home/rocketmq/rocketmq-5.3.0/lib/tomcat-embed-core-8.5.46.jar 当前版本: 8.5.46 存在漏洞版本: >=8.5.7,<8.5.64 修复版本: 8.5.64 参考链接 https://avd.aliyun.com/detail?id=AVD-2024-21733 现在用的是 apache/rocketmq:5.3.0 镜像 但是在 rocketmq-all-5.3.0-bin-release.zip 文件中 同样存在 ### Describe the Solution You'd Like 希望临时和永久的解决办法 1. 有什么办法临时解决 2. 能否下个版本固定升级到无漏洞版本 ### Describe Alternatives You've Considered 我暂时没办法 ### Additional Context _No response_ -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@rocketmq.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
