Moderate severityNVD Advisory· Published Jan 24, 2018· Updated Aug 5, 2024
CVE-2018-1047
CVE-2018-1047
Description
A flaw was found in Wildfly 9.x. A path traversal vulnerability through the org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource method could lead to information disclosure of arbitrary local files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Members only
The AI Insight narrative is available to signed-in members. Sign in or create a free account to read it.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.wildfly:wildfly-undertowMaven | < 12.0.0 | 12.0.0 |
Affected products
2- Red Hat, Inc./Wildflyv5Range: 9.x
Patches
Members only
Discovered fix commits and diffs is available to signed-in members. Sign in or create a free account to read it.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- access.redhat.com/errata/RHSA-2018:1247ghsavendor-advisoryx_refsource_REDHATWEB
- access.redhat.com/errata/RHSA-2018:1248ghsavendor-advisoryx_refsource_REDHATWEB
- access.redhat.com/errata/RHSA-2018:1249ghsavendor-advisoryx_refsource_REDHATWEB
- access.redhat.com/errata/RHSA-2018:1251ghsavendor-advisoryx_refsource_REDHATWEB
- access.redhat.com/errata/RHSA-2018:2938ghsavendor-advisoryx_refsource_REDHATWEB
- github.com/advisories/GHSA-fmr4-w67p-vh8xghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-1047ghsaADVISORY
- access.redhat.com/security/cve/CVE-2018-1047ghsaWEB
- bugzilla.redhat.com/show_bug.cgighsax_refsource_CONFIRMWEB
- issues.jboss.org/browse/WFLY-9620ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.