## https://sploitus.com/exploit?id=4C9C935C-0331-5EBC-B511-F67CB06A0F89
# CVE-2020-1938 Tomcat AJP Ghostcat Analysis
This repository contains a Markdown analysis report for `CVE-2020-1938 (Ghostcat)` and the image assets used in the report.
## Contents
- Report: [`docs/report/CVE-2020-1938-Analysis-Report.md`](docs/report/CVE-2020-1938-Analysis-Report.md)
- Images: [`docs/images`](docs/images)
## Report Scope
The report is organized around:
- Vulnerability background
- Attack flow using a PoC
- Root cause analysis based on Tomcat source code
- Trigger conditions for file read and JSP execution
- Patch comparison between Tomcat `9.0.30` and `9.0.31`
## Repository Structure
```text
docs/
images/
report/
CVE-2020-1938-Analysis-Report.md
README.md
```
## Notes
- The report is written in Markdown.
- All referenced figures are stored under `docs/images`.
- Image links inside the report use relative paths so the document renders correctly on GitHub.