org.wildfly:wildfly-undertow@10.0.0.Alpha3 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the org.wildfly:wildfly-undertow package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable Version
  • Directory Traversal (severity: Medium)

org.wildfly:wildfly-undertow is an application that helps you build applications.

Affected versions of this package are vulnerable to Directory Traversal through the ServletResourceManager.getResource method, which could lead to the disclosure of arbitrary local files.

How to fix Directory Traversal?

Upgrade org.wildfly:wildfly-undertow to version 12.0.0.Alpha1 or higher.

Vulnerable versions: [,12.0.0.Alpha1)

  • Information Exposure (severity: High)

org.wildfly:wildfly-undertow is affected by an incomplete blacklist vulnerability in the servlet filter restriction mechanism in WildFly (formerly JBoss Application Server) before 10.0.0.Final on Windows, which allows remote attackers to read the sensitive files in the (1) WEB-INF or (2) META-INF directory via a request that contains (a) lowercase or (b) "meaningless" characters.

Vulnerable versions: [,10.0.0.Final)