The Apache Software Foundation has released a security advisory to address a vulnerabilities (CVE-2023-42794, CVE-2023-42795, CVE-2023-44487, CVE-2023-45648) in multiple versions of Tomcat. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and information disclosure on the targeted system. Apache fixed vulnerability in Apache Tomcat versions 8.5.94, 9.0.81, 10.1.14, 11.0.0-M12.

Detailed information on vulnerability and updates can be found in Apache’s security advisories – apache.org.