The Apache Tomcat® software is an open source implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies. The Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket specifications are developed under the Java Community Process.
The Apache Tomcat software is developed in an open and participatory environment and released under the Apache License version 2. The Apache Tomcat project is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open development project. To learn more about getting involved, click here.
Apache Tomcat software powers numerous large-scale, mission-critical web applications across a diverse range of industries and organizations. Some of these users and their stories are listed on the PoweredBy wiki page.
Apache Tomcat, Tomcat, Apache, the Apache feather, and the Apache Tomcat project logo are trademarks of the Apache Software Foundation.
Changelog Apache Tomcat 7.0.94
- 63206: Add a new attribute to
trueenables Tomcat to create the temporary upload location used by a Servlet if the location specified by the Servlet does not already exist. The default value is
- Change the default for the
enableCmdLineArgumentsparameter of the CGI servlet from
falseas additional hardening against CVE-2019-0232. (markt)
- When the CGI Servlet is configured with
enableCmdLineArgumentsset to true, limit the decoded form of the individual command line arguments to known safe values when running on Windows. This restriction may be relaxed by the use of the new initialisation parameter
cmdLineArgumentsDecoded. This is the fix for CVE-2019-0232. (markt)