Apache Releases Security Updates for Apache Tomcat

Original release date: July 23, 2018

The Apache Software Foundation has released security updates to address vulnerabilities in Apache Tomcat versions 9.0.0.M9 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86. A remote attacker could exploit one of these vulnerabilities to obtain sensitive information.

NCCIC encourages users and administrators to review the Apache security advisories for CVE-2018-8037 and CVE-2018-1336 and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.