The Apache Software Foundation has released a security advisory to address a vulnerability (CVE-2022-23181) in multiple versions of Tomcat. A remote attacker could exploit this vulnerability to trigger elevation of privileges and remote code execution on the targeted system. Apache fixed vulnerability in Apache Tomcat versions 8.5.75, 9.0.58 and 10.0.16.

Detailed information on vulnerability and updates can be found in Apache’s security advisories – apache.org.