Control: severity -1 important
I am no longer sure undertow is affected. The issue is marked resolved
upstream and one of the fixing commits
https://github.com/wildfly/wildfly/pull/10748/files
indicates the bug was in WildFly's undertow extension but not in
Undertow itself. I keep this bug
Source: undertow
Version: 1.4.8-1+deb9u1
Severity: grave
Tags: security
Forwarded: https://issues.jboss.org/browse/WFLY-9620
A flaw was found in Wildfly 9.x. A path traversal vulnerability
through the
org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource
method could lead
2 matches
Mail list logo