Bleeping Computer

Apache fixes remote code execution bypass in Tomcat web server

Apache has released a security update to address an important vulnerability in Tomcat web server that could lead to an attacker achieving remote code execution. Apache Tomcat is an open-source web ...
heise online

Apache Tomcat: Attacks on critical security vulnerability ongoing

A serious security vulnerability in Apache Tomcat allows attackers to inject malicious code. Attackers are currently doing the same – high time for IT managers to apply the available security updates.