CVE-2000-1210: Apache Tomcat Directory Traversal

April 30, 2022 (updated September 18, 2023)

Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.

References

marc.info/?l=bugtraq&m=95371672300045&w=2
github.com/advisories/GHSA-4gr9-99j3-vqxv
nvd.nist.gov/vuln/detail/CVE-2000-1210
web.archive.org/web/20020818015647/http://www.iss.net/security_center/static/4205.php

Detect and mitigate CVE-2000-1210 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →