CF2018 Tomcat version 9.0.21 vulnerability

Greetings,

We are running CF18 enterprise(latest update 10) on Windows server.  Tomcat version 9.0.21.0. Java version 11.0.3.

Our security team informed us about following vulnerability after Nessus scan on CF server:

Plugin ID: 133845 Port: www (8500/tcp)

Plugin Output:

  Installed version : 9.0.21
  Fixed version     : 9.0.31


Plugin Description:
The version of Tomcat installed on the remote host is prior to 7.0.100, 8.x
prior to 8.5.51, or 9.x prior to 9.0.31. It is, therefore, affected by multiple
vulnerabilities.

  - An HTTP request smuggling vulnerability exists in Tomcat due to mishandling
Transfer-Encoding headers     behind a reverse proxy. An unauthenticated, remote
attacker can exploit this, via crafted HTTP requests,     to cause unintended
HTTP requests to reach the back-end. (CVE-2019-17569)

  - An HTTP request smuggling vulnerability exists in Tomcat due to bad
end-of-line (EOL) parsing that allowed     some invalid HTTP headers to be
parsed as valid. An unauthenticated, remote attacker can exploit this, via   
crafted HTTP requests, to cause unintended HTTP requests to reach the back-end.
(CVE-2020-1935)

  - An arbitrary file read vulnerability exists in Tomcat's Apache JServ
Protocol (AJP) due to an     implementation defect. A remote, unauthenticated
attacker could exploit this to access files which, under     normal conditions,
would be restricted. If the Tomcat instance supports file uploads, the
vulnerability     could also be leveraged to achieve remote code execution.
(CVE-2020-1938)

Note that Nessus has not tested for this issue but has instead relied only on
the application's self-reported version number.

Any recommendations on resolving this issue. Do we need to contact Adobe CF support on this issue?

Regards,

Simon