skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

Apache Releases Update for Tomcat Security Vulnerability

/ 1 min read

🛠️ Apache addresses critical remote code execution vulnerability in Tomcat. Apache has released a security update for its Tomcat web server, fixing a significant vulnerability (CVE-2024-56337) that could allow remote code execution due to an incomplete patch from December. This issue affects various versions of Tomcat, specifically those running on case-insensitive file systems with default servlet write enabled. Users are advised to upgrade to the latest versions (11.0.2, 10.1.34, and 9.0.98) and implement additional configurations based on their Java version to mitigate risks. Future updates will include enhancements to automatically enforce safer configurations, further reducing the potential for exploitation.

Source
{entry.data.source.title}
Original