Bug#891929: CVE-2018-1047: information disclosure of arbitrary local files

Markus Koschany Fri, 02 Mar 2018 09:52:09 -0800

Source: undertow
Version: 1.4.8-1+deb9u1
Severity: grave
Tags: security
Forwarded: https://issues.jboss.org/browse/WFLY-9620


A flaw was found in Wildfly 9.x. A path traversal vulnerability
through the
org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource
method could lead to information disclosure of arbitrary local files.

Upstream bug:

https://issues.jboss.org/browse/WFLY-9620

__
This is the maintainer address of Debian's Java team
<http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Bug#891929: CVE-2018-1047: information disclosure of arbitrary local files

Reply via email to