Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.wildfly.core/wildfly-server@4.0.0.Alpha9
purl pkg:maven/org.wildfly.core/wildfly-server@4.0.0.Alpha9
Next non-vulnerable version 16.0.1.Final
Latest non-vulnerable version 28.0.0.Beta2
Risk 3.4
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-f4hk-8zp4-9fd3
Aliases:
CVE-2018-10862
GHSA-w8r2-5j8x-x8j6
WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files. This is an instance of the 'Zip Slip' vulnerability.
6.0.0.Alpha3
Affected by 1 other vulnerability.
VCID-ppap-96ds-9ygc
Aliases:
CVE-2021-3644
GHSA-w88m-2936-rmxr
wildfly-core allows user with access to management interface to access vault expression, retrieve item from vault A flaw was found in wildfly-core in all versions. If a vault expression is in the form of a single attribute that contains multiple expressions, a user who was granted access to the management interface can potentially access a vault expression they should not be able to access and possibly retrieve the item which was stored in the vault. The highest threat from this vulnerability is data confidentiality and integrity.
16.0.1.Final
Affected by 0 other vulnerabilities.
17.0.0.Beta3
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:07:48.396439+00:00 GitLab Importer Affected by VCID-ppap-96ds-9ygc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly.core/wildfly-server/CVE-2021-3644.yml 38.4.0
2026-04-16T21:51:08.918572+00:00 GitLab Importer Affected by VCID-f4hk-8zp4-9fd3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly.core/wildfly-server/CVE-2018-10862.yml 38.4.0
2026-04-11T23:24:11.924260+00:00 GitLab Importer Affected by VCID-ppap-96ds-9ygc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly.core/wildfly-server/CVE-2021-3644.yml 38.3.0
2026-04-11T23:07:14.427619+00:00 GitLab Importer Affected by VCID-f4hk-8zp4-9fd3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly.core/wildfly-server/CVE-2018-10862.yml 38.3.0
2026-04-02T23:30:37.209604+00:00 GitLab Importer Affected by VCID-ppap-96ds-9ygc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly.core/wildfly-server/CVE-2021-3644.yml 38.1.0
2026-04-02T23:15:25.913725+00:00 GitLab Importer Affected by VCID-f4hk-8zp4-9fd3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly.core/wildfly-server/CVE-2018-10862.yml 38.1.0
2026-04-01T17:52:07.825577+00:00 GitLab Importer Affected by VCID-ppap-96ds-9ygc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly.core/wildfly-server/CVE-2021-3644.yml 38.0.0
2026-04-01T17:35:27.315700+00:00 GitLab Importer Affected by VCID-f4hk-8zp4-9fd3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly.core/wildfly-server/CVE-2018-10862.yml 38.0.0