We will be releasing an advisory on a security vulnerability in Apache Tomcat that was reported to the Apache Software Foundation. This issue is being tracked under CVE-2019-0232. The issue was discovered by Nightwatch Cybersecurity Research and reported to Apache via the EU FOSSA-2 project, hosted by Intigriti.
UPDATE: The advisory has been published here.
Related links:
Is this source [ https://github.com/pyn3rd/CVE-2019-0232 ] a legitimate PoC for this vulnerability?
We are not able to comment on this until our advisory is published.
[…] April 15, Nightwatch Cybersecurity published information on CVE-2019-0232, a remote code execution (RCE) vulnerability involving Apache Tomcat’s Common […]
[…] vulnerability was reported to the Apache Tomcat security team by researchers from Nightwatch Cybersecurity on 3rd March 2019 […]