Apache Releases Security Updates for Apache Tomcat

Original release date: September 19, 2017

The Apache Foundation has released security updates to address vulnerabilities in Apache Tomcat. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected server. 

US-CERT encourages users and administrators to review the Apache advisories for CVE-2017-12615 and CVE-2017-12616 for more information and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.