Undertow Security Vulnerabilities - 2014

cve

CVE-2014-7816

Directory traversal vulnerability in JBoss Undertow 1.0.x before 1.0.17, 1.1.x before 1.1.0.CR5, and 1.2.x before 1.2.0.Beta3, when running on Windows, allows remote attackers to read arbitrary files via a .. (dot dot) in a resource URI.

6.6AI Score

0.046EPSS

2014-12-01 03:59 PM

184