Jboss Wildfly Application Server@10.0.0 Security Vulnerabilities and Issues — Jboss Wildfly Application Server@10.0.0 CVE List

Lucene search

RedhatJboss Wildfly Application Server10.0.0

3 matches found

CVE•added 2018/01/24 11:29 p.m.•363 views

CVE-2018-1047

A flaw was found in Wildfly 9.x. A path traversal vulnerability through the org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource method could lead to information disclosure of arbitrary local files.

5.5CVSS5.3AI score0.00245EPSS

CVE•added 2016/09/26 2:59 p.m.•177 views

CVE-2016-4993

CRLF injection vulnerability in the Undertow web server in WildFly 10.0.0, as used in Red Hat JBoss Enterprise Application Platform (EAP) 7.x before 7.0.2, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

6.1CVSS6.3AI score0.00595EPSS

CVE•added 2016/04/01 7:59 p.m.•110 views

CVE-2016-0793

Incomplete blacklist vulnerability in the servlet filter restriction mechanism in WildFly (formerly JBoss Application Server) before 10.0.0.Final on Windows allows remote attackers to read the sensitive files in the (1) WEB-INF or (2) META-INF directory via a request that contains (a) lowercase or ...

7.5CVSS7.2AI score0.32173EPSS