The Apache Software Foundation has released security updates to address vulnerabilities in Tomcat versions 7.0.94, 8.5.40, and 9.0.19. It is recommended that you take the necessary precautions by ensuring your Apache software is always updated.
CVE-2019-0232 Apache Tomcat Remote Code Execution on Windows
Affected versions: Apache Tomcat 9.0.0.M1 to 9.0.17
Apache Tomcat 8.5.0 to 8.5.39, Apache Tomcat 7.0.0 to 7.0.93.
Mitigations: Users of the affected versions are asked to apply one of the following mitigations:
For more information on the Apache Tomcat updates you can follow the url:
The Guyana National CIRT recommends users and administration to review these updates and to apply them where necessary.
Apache Releases security Updates for Apache Tomcat (US-Cert)