Security News

A serious vulnerability affecting Apache Tomcat can be exploited to read files from a server and in some cases even to achieve remote code execution. Chaitin says the vulnerability is related to the Apache JServ Protocol protocol, which is designed to improve performance by proxying inbound requests from a web server through to an application server.

If your web server is running on Apache Tomcat, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it. Yes, that's possible because all versions of the Apache Tomcat released in the past 13 years have been found vulnerable to a new high-severity 'file read and inclusion bug'-which can be exploited in the default configuration.

The Apache Software Foundation (ASF) has released security updates to address several vulnerabilities in its Tomcat application server, one of which could allow a remote attacker to obtain...

The Apache Software Foundation informed users over the weekend that updates for the Tomcat application server address several vulnerabilities, including issues that can lead to information...

The Apache Tomcat team has recently patched several security vulnerabilities in Apache Tomcat, one of which could allow an unauthorised attacker to execute malicious code on affected servers...

Several vulnerabilities, including ones that allow remote attackers to execute arbitrary code, have been patched in recent weeks in Apache Tomcat. read more