https://bugzilla.redhat.com/show_bug.cgi?id=1701056
--- Doc Text *updated* by RaTasha Tillery-Smith rtillery@redhat.com --- A flaw was discovered in Apache Tomcat, where a Java Runtime Environment can pass a command-line argument in the Windows operating system. The execution of arbitrary commands via Tomcat’s Common Gateway Interface (CGI) Servlet, allows an attacker to perform remote code execution.