EPSS
Percentile
25.3%
It was found that the explode function of the deployment utility in jboss-cli and console that allows extraction of files from an archive does not perform necessary validation for directory traversal. This can lead to remote code execution.
bugzilla.redhat.com/show_bug.cgi?id=1593527
www.cve.org/CVERecord?id=CVE-2018-10862 https://nvd.nist.gov/vuln/detail/CVE-2018-10862 https://snyk.io/research/zip-slip-vulnerability