Bug#891929: CVE-2018-1047: information disclosure of arbitrary local files

Fri, 02 Mar 2018 09:52:00 -0800 

Source: undertow
Version: 1.4.8-1+deb9u1
Severity: grave
Tags: security
Forwarded: https://issues.jboss.org/browse/WFLY-9620

A flaw was found in Wildfly 9.x. A path traversal vulnerability
through the
org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource
method could lead to information disclosure of arbitrary local files.

Upstream bug:

https://issues.jboss.org/browse/WFLY-9620

Reply via email to