{"id":"GHSA-4gr9-99j3-vqxv","summary":"Apache Tomcat Directory Traversal","details":"Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a `..` (dot dot) in the argument to source.jsp.","aliases":["CVE-2000-1210"],"modified":"2023-11-08T03:56:44.488228Z","published":"2022-04-30T18:15:08Z","database_specific":{"github_reviewed_at":"2023-09-18T21:59:42Z","severity":"MODERATE","cwe_ids":["CWE-22"],"nvd_published_at":"2002-03-22T05:00:00Z","github_reviewed":true},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2000-1210"},{"type":"WEB","url":"https://web.archive.org/web/20020818015647/http://www.iss.net/security_center/static/4205.php"},{"type":"WEB","url":"http://marc.info/?l=bugtraq&m=95371672300045&w=2"}],"affected":[{"package":{"name":"org.apache.tomcat:tomcat","ecosystem":"Maven","purl":"pkg:maven/org.apache.tomcat/tomcat"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"3.1"}]}],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-4gr9-99j3-vqxv/GHSA-4gr9-99j3-vqxv.json"}}],"schema_version":"1.7.3"}