A vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability via specially crafted URI to bypass security restrictions.

Apache Tomcat 8.0.x
Apache Tomcat 8.5.x earlier than 8.5.34
Apache Tomcat 7.x earlier than 7.0.91
Apache Tomcat 9. earlier than 9.0.12

Update to the latest version

Apache Tomcat 7.x vulnerabilities
Apache Tomcat 8.x vulnerabilities
Apache Tomcat 9.x vulnerabilities