Share
## https://sploitus.com/exploit?id=4C9C935C-0331-5EBC-B511-F67CB06A0F89
# CVE-2020-1938 Tomcat AJP Ghostcat Analysis

This repository contains a Markdown analysis report for `CVE-2020-1938 (Ghostcat)` and the image assets used in the report.

## Contents

- Report: [`docs/report/CVE-2020-1938-Analysis-Report.md`](docs/report/CVE-2020-1938-Analysis-Report.md)
- Images: [`docs/images`](docs/images)

## Report Scope

The report is organized around:

- Vulnerability background
- Attack flow using a PoC
- Root cause analysis based on Tomcat source code
- Trigger conditions for file read and JSP execution
- Patch comparison between Tomcat `9.0.30` and `9.0.31`

## Repository Structure

```text
docs/
  images/
  report/
    CVE-2020-1938-Analysis-Report.md
README.md
```

## Notes

- The report is written in Markdown.
- All referenced figures are stored under `docs/images`.
- Image links inside the report use relative paths so the document renders correctly on GitHub.