springboot spring-boot-starter-tomcat contains vulnerability CVE-2019-17563

Frontier version of spring-boot-starter-tomcat is currently 2.2.5. This version contains a dependency of apache tomcat_tomcat-embed-core at rev level 9.0.27. This version of apache tomcat_tomcat-embed-core contains vulnerability CVE-2019-17563.

Comment From: wilkinsona

Spring Boot 2.2.5 uses Tomcat 9.0.31 by default.