The Apache Software Foundation has released a security advisory to address a vulnerability (CVE-2023-28708) in multiple versions of Tomcat. A remote attacker could exploit this vulnerability to trigger information disclosure on the targeted system. Apache fixed vulnerability in Apache Tomcat versions 11.0.0-M3, 10.1.6, 9.0.72, 8.5.86.

Detailed information on vulnerability and updates can be found in Apache’s security advisories – apache.org.