CVE-2018-1047

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2018-1047
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-1047.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2018-1047
Aliases
Downstream
Published
2018-01-24T23:29:00.527Z
Modified
2025-11-14T05:29:41.489293Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

A flaw was found in Wildfly 9.x. A path traversal vulnerability through the org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource method could lead to information disclosure of arbitrary local files.

References

Affected packages

Git / github.com/wildfly/wildfly

Affected ranges

Type
GIT
Repo
https://github.com/wildfly/wildfly
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1299aae21ee19d2dc2f174b09b3d74e4faec7f9b
Last affected
1dd4c59a9f4d267583710fa324605e28bb35f73a
Last affected
1fadb169e89f1f7a6b16b1c398829dcd633bbb1c
Last affected
2320f4776a3bd3a6a7592209b207116607bd00c0
Last affected
270c8e07135cca2eba43e00727bad171822aff70
Last affected
286ec956ffd9ae730d960282b7a456fe649addcb
Last affected
2a1457307dbbc6c24111033c54f673f50da1666a
Last affected
3fbeffe9495e0a7073eedd4a5bfb3a1de6d8f201
Last affected
4b6828ba90ba25d1c0f126d9c6fcd24c38472ec3
Last affected
4fd7bffaf2ee73201910684f2674aa1bced7fe81
Last affected
56d0d601c396dcfca53e1fe1ab0322869f3e1dc3
Last affected
5f187399f3181045087e657b0b862dba58b67e6d
Last affected
80efb93b7cdb44b82efb212b1e18a9befff996d2
Last affected
89ba74569dbaafa2354d48d7586adf2d0887bc10
Last affected
8e8c168709dc8e2f8906782620646d26eca03eb9
Last affected
95fa2360ea2f698378c730d40eb3ee3812f271a9
Last affected
a831af819cf422642eaece9d75e3b0379c2017a7
Last affected
b1a6c1fe7b2cea0f00227508f0c733c0a8e62fe3
Last affected
b1ac71d52b504dbf740b13472b7c38852fa77eec
Last affected
b31edb322399608018e53d28df49b62cea042654
Last affected
bb382e0b0c80920ae33d9ef4bb568a28cc7e8477
Last affected
bee82ccf23eb87f2e9acf0a4e04b5ffa113f956b
Last affected
c3332cec0c9bc5dc57899c2ae7ba26dd0c627686
Last affected
d71e1b2ee97e6d4c9b9e648031b0c85187c42e58
Last affected
d8c1480bb58de0f632a1942e9e659be06bc59dad
Last affected
dd94d593ea684ed80e88f708d742f32cd321aec1
Last affected
ef9dac9eb5c1bacfd6ff10b313a6f272019febb7
Last affected
f52e8d79b9eff90b8c063e1c96d1c37be746c807

Affected versions

10.*

10.0.0.Alpha1
10.0.0.Alpha2
10.0.0.Alpha3
10.0.0.Alpha4
10.0.0.Alpha5
10.0.0.Alpha6
10.0.0.Beta1
10.0.0.Beta2
10.0.0.CR1
10.0.0.CR2
10.0.0.CR3
10.0.0.CR4
10.0.0.CR5
10.0.0.Final

11.*

11.0.0.Alpha1

7.*

7.0.0.Alpha1
7.0.0.Alpha1-final
7.0.0.Beta1-prerelease
7.0.0.Beta2
7.0.0.Beta2-prerelease
7.0.0.Beta3
7.0.0.CR1
7.0.0.Final
7.0.0.Final-prerelease
7.0.0.Final-prerelease2
7.0.0.Final-prerelease3
7.1.0.Alpha1
7.1.0.Beta1
7.1.0.CR1
7.1.0.Final
7.1.0.Final-prerelease
7.1.0.Final-prerelease2
7.1.1.Final
7.1.2-prerelease
7.1.2.Final
7.2.0.Final
7.2.0.Final-prerelease1

8.*

8.0.0.Alpha1
8.0.0.Alpha2
8.0.0.Alpha3
8.0.0.Alpha4
8.0.0.Beta1
8.0.0.CR1
8.0.0.Final
8.1.0.CR1
8.1.0.CR2

9.*

9.0.0.Beta1
9.0.0.Beta2
9.0.0.CR1
9.0.0.CR2
9.0.0.Final
9.0.1.Final
9.0.2.Final

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-1047.json"