The Apache Software Foundation has released a security advisory to address a vulnerability (CVE-2023-28709) in multiple versions of Tomcat. A remote attacker could exploit this vulnerability to trigger security restriction bypass and denial of service condition on the targeted system. Apache fixed vulnerability in Apache Tomcat versions 11.0.0-M5, 10.1.8, 9.0.74, 8.5.88.

Detailed information on vulnerability and updates can be found in Apache’s security advisories – apache.org.