Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: * tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources * tomcat: Late application of security constraints can lead to resource exposure for unauthorised users * tomcat: Insecure defaults in CORS filter enable "supportsCredentia ...