spring-webmvc is vulnerable to a directory traversal attack. The vulnerability exists because path values are not properly sanitized, which allows valid Windows files to be served as static resources. It only affects spring-webmvc running on Windows when the application serves static resources from a file: resource location, does not use Spring Security in a version patched for CVE-2018-1199, and uses Tomcat or WildFly as the server.
www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
www.securityfocus.com/bid/103699
access.redhat.com/errata/RHSA-2018:1320
access.redhat.com/errata/RHSA-2018:2669
access.redhat.com/errata/RHSA-2018:2939
jira.spring.io/browse/SPR-16616
pivotal.io/security/cve-2018-1271
www.oracle.com/security-alerts/cpujul2020.html
www.oracle.com/security-alerts/cpuoct2021.html
www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html