# Security Updates on Vulnerabilities

## Desktop Central is not vulnerable to CVE 2020-17527

### Is Desktop Central vulnerable to this CVE?

**No**, **Desktop Central** is not vulnerable to **CVE-2020-17527** vulnerability. Read the document fully for further details.

### What was the issue?

Apache Tomcat could re-use an **HTTP** request header value from the previous stream received on an **HTTP/2** connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the **HTTP/2** connection, it is possible that information could leak between requests.

### Why Desktop Central is not vulnerable to this CVE?

**CVE-2020-17527** will not affect Desktop Central as **HTTP/2 requests** are not used.

### Future plan for Upgrade

Although **Desktop Central** is not vulnerable to this CVE, we'll be upgrading to the latest **Apache Tomcat** version during our regular third-party components upgrade cycle.