The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing / (slash) character.
lists.opensuse.org/opensuse-security-announce/2016-03/msg00047.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00069.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00082.html
lists.opensuse.org/opensuse-security-announce/2016-03/msg00085.html
marc.info/?l=bugtraq&m=145974991225029&w=2
packetstormsecurity.com/files/135892/Apache-Tomcat-Directory-Disclosure.html
rhn.redhat.com/errata/RHSA-2016-1089.html
rhn.redhat.com/errata/RHSA-2016-2045.html
rhn.redhat.com/errata/RHSA-2016-2599.html
seclists.org/bugtraq/2016/Feb/146
seclists.org/fulldisclosure/2016/Feb/122
svn.apache.org/viewvc?view=revision&revision=1715206
svn.apache.org/viewvc?view=revision&revision=1715207
svn.apache.org/viewvc?view=revision&revision=1715213
svn.apache.org/viewvc?view=revision&revision=1715216
svn.apache.org/viewvc?view=revision&revision=1716882
svn.apache.org/viewvc?view=revision&revision=1716894
svn.apache.org/viewvc?view=revision&revision=1717209
svn.apache.org/viewvc?view=revision&revision=1717212
svn.apache.org/viewvc?view=revision&revision=1717216
tomcat.apache.org/security-6.html
tomcat.apache.org/security-7.html
tomcat.apache.org/security-8.html
tomcat.apache.org/security-9.html
www.debian.org/security/2016/dsa-3530
www.debian.org/security/2016/dsa-3552
www.debian.org/security/2016/dsa-3609
www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
www.qcsec.com/blog/CVE-2015-5345-apache-tomcat-vulnerability.html
www.securityfocus.com/bid/83328
www.securitytracker.com/id/1035071
www.ubuntu.com/usn/USN-3024-1
access.redhat.com/errata/RHSA-2016:1087
access.redhat.com/errata/RHSA-2016:1088
bto.bluecoat.com/security-advisory/sa118
bz.apache.org/bugzilla/show_bug.cgi?id=58765
h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05054964
h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150442
h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158626
kc.mcafee.com/corporate/index?page=content&id=SB10156
lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
security.gentoo.org/glsa/201705-09
security.netapp.com/advisory/ntap-20180531-0001/