The HTTP/2 implementation bypassed a number of security checks that prevented directory traversal attacks. It was therefore possible to bypass security constraints using an specially crafted URL.
Affected versions: 8.5.0 to 8.5.15
External References:
https://tomcat.apache.org/security-8.html