rbeckman-nextgen / test-mc6

Upgrade Jetty library to address CVEs #4305

Closed rbeckman-nextgen closed 4 years ago

rbeckman-nextgen commented 4 years ago

In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters can trigger a java.nio.file.InvalidPathException

[https://nvd.nist.gov/vuln/detail/CVE-2018-12536#vulnCurrentDescriptionTitle]

Imported Issue. Original Details: Jira Issue Key: MIRTH-4454 Reporter: narupley Created: 2019-09-19T13:28:45.000-0700

rbeckman-nextgen commented 4 years ago

ROCKSOLID-3133

Imported Comment. Original Details: Author: christ Created: 2020-04-13T14:44:04.000-0700