
Lhotari

#24365 of 53,632
9.8 Total CVSS
Vulnerabilities · 1
PT-2020-9932
9.8
2020-10-15
Eclipse · Eclipse Vert.X · CVE-2019-17640
**Name of the Vulnerable Software and Affected Versions**

Eclipse Vert.x versions 3.4.x through 3.9.4
Eclipse Vert.x versions 4.0.0.milestone1 through 4.0.0.Beta3

**Description**

The issue arises because the StaticHandler in Eclipse Vert.x does not correctly process backslashes on Windows operating systems. This allows an attacker to escape the webroot folder to the current working directory.

**Recommendations**

For Eclipse Vert.x versions 3.4.x through 3.9.4, consider disabling the StaticHandler until a patch is available.

For Eclipse Vert.x versions 4.0.0.milestone1 through 4.0.0.Beta3, consider disabling the StaticHandler until a patch is available.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.