From zerodayinitiative.com
Apache has released a security advisory to address a vulnerability in Apache Tomcat. An attacker could exploit this vulnerability to cause a denial-of-service condition.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apache security advisory for CVE-2019-10072 and upgrade to the appropriate version.
Apache has issued an update to correct this vulnerability. More details can be found at:
http://tomcat.apache.org/security-9.html