Skip to main content

Apache Tomcat Sensitive Information Disclosure Vulnerability

Last Update Date: 4 Dec 2020 10:45 Release Date: 4 Dec 2020 2212 Views

RISK: Medium Risk

TYPE: Servers - Web Servers

TYPE: Web Servers

A vulnerability was identified in Apache Tomcat, a remote attacker could exploit this vulnerability to trigger Sensitive Information Disclosure on the targeted system.


  • Information Disclosure

System / Technologies affected

  • Apache Tomcat 10.0.0-M1 - 10.0.0-M9
  • Apache Tomcat 9.0.0.M5 - 9.0.39
  • Apache Tomcat 8.5.1 - 8.5.59



 Before installation of the software, please visit the vendor web-site for more details.


    Update to

  • Apache Tomcat 10.0.0-M10 or later
  • Apache Tomcat 9.0.40 or later
  • Apache Tomcat 8.5.60 or later


Vulnerability Identifier


Related Link