Several vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in code execution or denial of service.