The version of Apache Tomcat installed on the remote host is 9.0.0.M1 to 9.0.14 or 8.5.0 to 8.5.37. It is, therefore, affected by a denial of service vulnerability due to streams kept open for requests that utilised the Servlet APIβs blocking I/O.
Note that the scanner has not attempted to exploit these issues but has instead relied only on the applicationβs self-reported version number.
No source data