Security Alert (A23-10-10): Multiple Vulnerabilities in Apache Tomcat
11 October 2023
The Apache Software Foundation released a security update to address multiple vulnerabilities in the Apache Tomcat. A remote attacker could exploit the vulnerabilities by sending a specially crafted request to the affected systems.
Apache Tomcat 11.0.0-M1 to 11.0.0-M11
Apache Tomcat 10.1.0-M1 to 10.1.13
Apache Tomcat 9.0.0-M1 to 9.0.80
Apache Tomcat 8.5.0 to 8.5.93
Successful exploitation of the vulnerabilities could lead to denial of service, information disclosure or spoofing on an affected system.
The Apache Software Foundation has released new versions of the product to address the issue and they can be downloaded at the following URLs: