Get Live Help
CVE-2022-29885 is for the environments using Tomcat clustering. Foglight does not use Tomcat clustering; therefore it is not affected.
CVE-2022-42252 applies if Tomcat is configured to ignore invalid HTTP headers by setting rejectIllegalHeader to false. Foglight has rejectIllegalHeader as true which is the default value in Tomcat 9; therefore, Foglight is not affected.