Apache Tomcat reserveWindowSize Denial-Of-Service Vulnerability

From zerodayinitiative.com

Apache has released a security advisory to address a vulnerability in Apache Tomcat. An attacker could exploit this vulnerability to cause a denial-of-service condition.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apache security advisory for CVE-2019-10072 and upgrade to the appropriate version.

Apache has issued an update to correct this vulnerability. More details can be found at: 
http://tomcat.apache.org/security-9.html

Read more…