Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
Moderate severity
GitHub Reviewed
Published
May 14, 2022
to the GitHub Advisory Database
•
Updated Mar 7, 2024
Package
Affected versions
= 9.0.0.M1
>= 8.0.0.RC1, < 8.0.30
>= 7.0.0, < 7.0.68
>= 6.0.0, < 6.0.45
Patched versions
9.0.0.M2
8.0.30
7.0.68
6.0.45
Description
Published by the National Vulnerability Database
Feb 25, 2016
Published to the GitHub Advisory Database
May 14, 2022
Reviewed
Jul 6, 2022
Last updated
Mar 7, 2024
Credits
-
sunSUNQ Analyst
The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing / (slash) character.
References