Inquiry on Hotfix Release for Apache Tomcat 9.0.105 CVE


Article ID: 401873


Updated On:

Products

CA Unified Infrastructure Management On-Premise (Nimsoft / UIM)

Issue/Introduction

We have received notification of a new CVE affecting Apache Tomcat, CVE-2025-46701, and want to know if and when the hotfix for version 9.0.105 will be released.

Reference: https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.105

Environment

UIM 23.4 CU4

SECURITY VULNERABILITIES

Resolution

The vulnerability CVE-2025-46701 specifically affects Tomcat's CGI servlet, allowing unauthorized access to restricted CGI resources by bypassing security constraints through URL case manipulation. Since UIM does not use CGI functionality, the CGI servlet is disabled by default in the UIM Wasp probe, and UIM is therefore not impacted by this vulnerability. However, Tomcat in UIM is being upgraded to version 9.0.105, which will be included in the upcoming UIM 23.4 CU5 release.

https://www.wiz.io/vulnerability-database/cve/cve-2025-46701
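To confirm on a given installation that the CGI servlet is not enabled, the deployment descriptors can be checked directly. The script below is an added example, not Broadcom or Apache code; the function name and the sample XML are constructed for illustration, and the web.xml paths to inspect are supplied by the operator.

```python
import sys
import xml.etree.ElementTree as ET

CGI_CLASS = "org.apache.catalina.servlets.CGIServlet"

# Constructed sample modelled on a web.xml where the CGI servlet is commented out.
SAMPLE_DISABLED = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="4.0">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
  </servlet>
  <!--
  <servlet>
    <servlet-name>cgi</servlet-name>
    <servlet-class>org.apache.catalina.servlets.CGIServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>cgi</servlet-name>
    <url-pattern>/cgi-bin/*</url-pattern>
  </servlet-mapping>
  -->
</web-app>"""
# Constructed counter-example: the same file with the comment markers removed.
SAMPLE_ENABLED = SAMPLE_DISABLED.replace("<!--", "").replace("-->", "")

def _local(tag):
    # Drop the XML namespace so any web.xml schema version is handled.
    return tag.rsplit("}", 1)[-1]

def _texts(elem, name):
    return [(c.text or "").strip() for c in elem if _local(c.tag) == name]

def cgi_servlet_status(web_xml):
    """Return (servlet names bound to CGIServlet, URL patterns mapped to them)."""
    root = ET.fromstring(web_xml)  # the parser discards commented-out blocks
    names, patterns = set(), []
    for e in root.iter():
        if _local(e.tag) == "servlet" and CGI_CLASS in _texts(e, "servlet-class"):
            names.update(_texts(e, "servlet-name"))
    for e in root.iter():
        if _local(e.tag) == "servlet-mapping" and names & set(_texts(e, "servlet-name")):
            patterns += _texts(e, "url-pattern")
    return sorted(names), patterns

if __name__ == "__main__":
    for path in sys.argv[1:]:  # pass the web.xml files of your deployment
        with open(path, "rb") as fh:
            names, patterns = cgi_servlet_status(fh.read())
        print(f"{path}: CGI servlet {'ENABLED ' + str(patterns) if names else 'not declared'}")
```

Run it against both Tomcat's global `conf/web.xml` and each web application's `WEB-INF/web.xml`, since the servlet can be declared in either. It only inspects descriptors, so a servlet registered programmatically would not be reported.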