CVE-2018-1323 Apache Tomcat JK ISAPI Connector path traversal
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
- Apache Tomcat JK ISAPI Connector 1.2.0 to 1.2.42
Description
The IIS/ISAPI specific code that normalised the requested path before
matching it to the URI
The Apache Tomcat team announces the immediate availability of Apache
Tomcat 8.5.29.
Tomcat 8.x users should be using 8.5.x releases in preference to 8.0.x
releases.
Apache Tomcat 8 is an open source software implementation of the Java
Servlet, JavaServer Pages, Java Unified Expression Language,
