CVE-2002-1148
Apache Tomcat Source Code Disclosure in maven/org.apache.tomcat/tomcat
Identifiers
GHSA-jxcv-v856-j5vg, CVE-2002-1148
Package Slug
maven/org.apache.tomcat/tomcat
Vulnerability
Apache Tomcat Source Code Disclosure
Description
The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
Affected Versions
All versions starting from 4.0.0 up to 4.0.4, all versions starting from 4.1.0 up to 4.1.10
Solution
Upgrade to versions 4.0.5, 4.1.12 or above.
Last Modified
2024-02-13
| source |