Knime Server 4.16.12 Apache Tomcat Vulnerability

Greetings all,
We are installing Knime server 4.16.12 which comes with Apache Tomcat version 9.0.89
Our vulnerability scanner has picked up a “Improper Handling of Exceptional Conditions” vulnerability with the solution to upgrade to Apache Tomcat version 9.0.90.
Can the Tomcat simply be updated to 9.0.90?

Thanks so much,

Yes, you can update Tomcat to a more recent version. Note that you only have to update if the encryption is done by KNIME Server itself and not some frontend proxy such as Apache httpd.
Internally we have already updated to 9.0.95 and will release new KNIME Server versions soon.

1 Like

Thanks Thor, much appreciated!

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.