Lucene search
Veracode Vulnerability DatabaseVERACODE:12774HistoryJan 15, 2019 - 9:21 a.m.
Directory Traversal
2019-01-1509:21:36
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
0.001 Low
EPSS
Percentile
26.1%
wildfly-undertow is vulnerable to directory traversal attacks. The application does not handle pathing properly, allowing a malicious user to pass a URL to gain access to sensitive information on the system.
References
access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/
access.redhat.com/errata/RHSA-2018:1247
access.redhat.com/errata/RHSA-2018:1248
access.redhat.com/errata/RHSA-2018:1249
access.redhat.com/errata/RHSA-2018:1251
access.redhat.com/errata/RHSA-2018:2938
access.redhat.com/security/cve/CVE-2018-1047
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1528361
issues.jboss.org/browse/JBEAP-14135
issues.jboss.org/browse/WFLY-9620
Related
redhatcve
redhatcve
CVE-2018-1047
2018-01-24 20:21:35
osv
osv
Improper Input Validation in org.wildfly:wildfly-undertow
2018-10-19 16:55:35
CVE-2018-1047
2018-01-24 23:29:00
github
github
Improper Input Validation in org.wildfly:wildfly-undertow
2018-10-19 16:55:35
cvelist
cvelist
CVE-2018-1047
2018-01-24 23:00:00
veracode
veracode
Directory Traversal
2018-01-26 02:31:10
ubuntucve
ubuntucve
CVE-2018-1047
2018-01-24 00:00:00
cve
cve
CVE-2018-1047
2018-01-24 23:29:00
prion
prion
Path traversal
2018-01-24 23:29:00
nvd
nvd
CVE-2018-1047
2018-01-24 23:29:00
redhat
redhat
nessus
nessus