Lucene search

K
cvelistRedhatCVELIST:CVE-2015-5345
HistoryFeb 25, 2016 - 1:00 a.m.

CVE-2015-5345

2016-02-2501:00:00
redhat
www.cve.org
9

AI Score

6.8

Confidence

High

EPSS

0.005

Percentile

77.1%

The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing / (slash) character.

References