Traversal directory vulnerability in webserver security

Affected versions: <=1.0.2 | CVSS: 7.8 | CVE-2015-1847

Posted on 31 Mar 2015 | 0 Comments


There recently was a bugfix for a vulnerability of the appserver’s web request/response interface. This vulnerability was present in versions prior to 1.0.3 and was exposed by the bundled webserver’s HTTP parsing library. The URI as coming from a web client was not normalized correctly... Read more