Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2015-5345 - Vulnerability Database

Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2015-5345

Medium
Reference: CVE-2015-5345
Title: Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Overview:

The Mapper component in Apache Tomcat 6.x before 6.0.45 7.x before 7.0.68 8.x before 8.0.30 and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing / (slash) character.