Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.wildfly.core/wildfly-server@6.0.0.Alpha3
purl pkg:maven/org.wildfly.core/wildfly-server@6.0.0.Alpha3
Next non-vulnerable version 16.0.1.Final
Latest non-vulnerable version 28.0.0.Beta2
Risk 1.5
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-ppap-96ds-9ygc
Aliases:
CVE-2021-3644
GHSA-w88m-2936-rmxr
wildfly-core allows user with access to management interface to access vault expression, retrieve item from vault A flaw was found in wildfly-core in all versions. If a vault expression is in the form of a single attribute that contains multiple expressions, a user who was granted access to the management interface can potentially access a vault expression they should not be able to access and possibly retrieve the item which was stored in the vault. The highest threat from this vulnerability is data confidentiality and integrity.
16.0.1.Final
Affected by 0 other vulnerabilities.
17.0.0.Beta3
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-f4hk-8zp4-9fd3 WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files. This is an instance of the 'Zip Slip' vulnerability. CVE-2018-10862
GHSA-w8r2-5j8x-x8j6

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:07:48.471108+00:00 GitLab Importer Affected by VCID-ppap-96ds-9ygc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly.core/wildfly-server/CVE-2021-3644.yml 38.4.0
2026-04-16T21:51:08.992392+00:00 GitLab Importer Fixing VCID-f4hk-8zp4-9fd3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly.core/wildfly-server/CVE-2018-10862.yml 38.4.0
2026-04-11T23:24:12.003715+00:00 GitLab Importer Affected by VCID-ppap-96ds-9ygc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly.core/wildfly-server/CVE-2021-3644.yml 38.3.0
2026-04-11T23:07:14.465026+00:00 GitLab Importer Fixing VCID-f4hk-8zp4-9fd3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly.core/wildfly-server/CVE-2018-10862.yml 38.3.0
2026-04-04T14:30:14.940242+00:00 GHSA Importer Fixing VCID-f4hk-8zp4-9fd3 https://github.com/advisories/GHSA-w8r2-5j8x-x8j6 38.1.0
2026-04-02T23:30:37.283398+00:00 GitLab Importer Affected by VCID-ppap-96ds-9ygc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly.core/wildfly-server/CVE-2021-3644.yml 38.1.0
2026-04-02T23:15:25.985597+00:00 GitLab Importer Fixing VCID-f4hk-8zp4-9fd3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly.core/wildfly-server/CVE-2018-10862.yml 38.1.0
2026-04-01T17:52:07.905304+00:00 GitLab Importer Affected by VCID-ppap-96ds-9ygc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly.core/wildfly-server/CVE-2021-3644.yml 38.0.0
2026-04-01T13:08:54.383053+00:00 GithubOSV Importer Fixing VCID-f4hk-8zp4-9fd3 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-w8r2-5j8x-x8j6/GHSA-w8r2-5j8x-x8j6.json 38.0.0
2026-04-01T12:50:33.256152+00:00 GitLab Importer Fixing VCID-f4hk-8zp4-9fd3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly.core/wildfly-server/CVE-2018-10862.yml 38.0.0