The Apache Software Foundation has released security updates to
address vulnerabilities in Apache Tomcat versions 9.0.0.M9 to 9.0.9,
8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86. A remote
attacker could exploit one of these vulnerabilities to obtain sensitive
information.
NCCIC encourages users and administrators to review the Apache security advisories for CVE-2018-8037 and CVE-2018-1336 and apply the necessary updates