The Apache Software Foundation has released security updates to address several vulnerabilities in its Tomcat application server. One of which could allow a remote attacker to obtain sensitive information. Another important vulnerability, tracked as CVE-2018-1336, in the. UTF-8 decoder that can lead to a denial-of-service (DoS) condition. Apache Tomcat is an open source web server and servlet system, which uses several Java EE specifications like Java Servlet, JavaServer Pages (JSP), Expression Language, and WebSocket.
Source: https://thehackernews.com/2018/07/apache-tomcat-server.html