
CVE-2020-1938: Ghostcat – Apache Tomcat AJP File Read/Inclusion Vulnerability - based2
https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487
======
based2
[https://www.reddit.com/r/netsec/comments/f7antb/cve20201938_...](https://www.reddit.com/r/netsec/comments/f7antb/cve20201938_ajp_rce/)

[http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tom...](http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31)

[http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tom...](http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51)

[http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tom...](http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100)

------
based2
[https://www.reddit.com/r/programming/comments/faw6l5/ghostca...](https://www.reddit.com/r/programming/comments/faw6l5/ghostcat_bug_impacts_all_apache_tomcat_versions/)

~~~
based2
[https://blog.sonatype.com/nexus-intelligence-insights-
whats-...](https://blog.sonatype.com/nexus-intelligence-insights-whats-in-a-
ghostcat-cve-2020-1938-apache-tomcat)

[https://devblogs.microsoft.com/java/addressing-ghostcat-
on-a...](https://devblogs.microsoft.com/java/addressing-ghostcat-on-
azure/?WT.mc_id=blog-reddit-abartolo)

