CVE-2001-0590

EPSS 48.3%

Apache Tomcat Allows Source Disclosure

發布日:2022/4/30修改日:2023/11/8

描述

Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).

受影響套件(1)

Maven/org.apache.tomcat:tomcat-servlet-apifrom 0, < 3.2.2

參考連結(3)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2001-0590
WEBhttps://exchange.xforce.ibmcloud.com/vulnerabilities/6971
WEBhttps://web.archive.org/web/20020711002734/http://archives.neohapsis.com/archives/bugtraq/2001-04/0031.html