Free Edition No, Desktop Central is not vulnerable to CVE-2020-13934 vulnerability. Read the document fully for further details.
The h2c direct connection did not release the HTTP/1.1 processor after the upgrade to HTTP/2. An OutOfMemoryException could occur if the number of requests reach a particular target, leading to Denial of Service (DoS). This affects Apache Tomcat 8.5.1 to 8.5.56.
CVE-2020-13934 will not affect Desktop Central as HTTP/2 requests are not used.
Although the Desktop Central is not vulnerable to this CVE, we'll be upgrading to the latest Apache Tomcat version during our regular third-party components upgrade cycle.