Lucene search
Veracode Vulnerability DatabaseVERACODE:5751HistoryJan 26, 2018 - 2:31 a.m.
Directory Traversal
2018-01-2602:31:10
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
23
0.001 Low
EPSS
Percentile
26.1%
wildfly-undertow is vulnerable to directory traversal attacks. The application does not handle pathing properly, allowing a malicious user to pass a URL to gain access to sensitive information on the system.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wildfly: undertow | le | 11.0.0.Final | |
| wildfly: undertow | le | 11.0.0.Final |
References
access.redhat.com/errata/RHSA-2018:1247
access.redhat.com/errata/RHSA-2018:1248
access.redhat.com/errata/RHSA-2018:1249
access.redhat.com/errata/RHSA-2018:1251
access.redhat.com/errata/RHSA-2018:2938
access.redhat.com/security/cve/CVE-2018-1047
bugzilla.redhat.com/show_bug.cgi?id=1528361
github.com/wildfly/wildfly/pull/10748
issues.jboss.org/browse/WFLY-9620
Related
redhatcve
redhatcve
CVE-2018-1047
2018-01-24 20:21:35
osv
osv
Improper Input Validation in org.wildfly:wildfly-undertow
2018-10-19 16:55:35
CVE-2018-1047
2018-01-24 23:29:00
github
github
Improper Input Validation in org.wildfly:wildfly-undertow
2018-10-19 16:55:35
cvelist
cvelist
CVE-2018-1047
2018-01-24 23:00:00
veracode
veracode
Directory Traversal
2019-01-15 09:21:36
ubuntucve
ubuntucve
CVE-2018-1047
2018-01-24 00:00:00
cve
cve
CVE-2018-1047
2018-01-24 23:29:00
prion
prion
Path traversal
2018-01-24 23:29:00
nvd
nvd
CVE-2018-1047
2018-01-24 23:29:00
redhat
redhat
nessus
nessus