1. Critical Information Disclosure Flaw Found in Apache Tomcat JsonAccessLogValve — Patch to 9.0.116 Required
A high-severity information disclosure vulnerability has been identified in Apache Tomcat's JsonAccessLogValve component, stemming from improper encoding of logged data. The flaw allows an attacker to potentially access sensitive information through manipulated HTTP requests that exploit how access logs are formatted a...