Description

A flaw was found in Wildfly 9.x. A path traversal vulnerability through the org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource method could lead to information disclosure of arbitrary local files.

Remediation

References

CVE-2018-1047

Related Vulnerabilities

Drupal Core 8.8.x Security Bypass (8.8.0 - 8.8.9)

MySQL CVE-2018-3200 Vulnerability (CVE-2018-3200)

WordPress Plugin AskApache Firefox Adsense Cross-Site Request Forgery (3.0)

WordPress Plugin Easy WP SMTP Cross-Site Scripting (1.2.4)

Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-40898)

Severity

Medium

Classification

CVE-2018-1047 CWE-22 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities