Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Vert.x-Web is a set of building blocks for building web applications in the java programming language. When running vertx web applications that serve files using StaticHandler on Windows Operating Systems and Windows File Systems, if the mount point is a wildcard (*) then an attacker can exfiltrate any class path resource. When computing the relative path to locate the resource, in case of wildcards, the code: return "/" + rest; …