Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.wildfly/wildfly-undertow@11.0.0.Beta1
purl pkg:maven/org.wildfly/wildfly-undertow@11.0.0.Beta1
Next non-vulnerable version 12.0.0.Final
Latest non-vulnerable version 12.0.0.Final
Risk 3.9
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-zku3-qq4e-7fes
Aliases:
CVE-2018-1047
GHSA-fmr4-w67p-vh8x
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') A flaw was found in Wildfly 9.x. A path traversal vulnerability through the org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource method could lead to information disclosure of arbitrary local files.
12.0.0.Final
Affected by 0 other vulnerabilities.
12.0.0
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-tzmu-y1p4-8bac Uncontrolled Resource Consumption Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to "max-headers" (default 200) * "max-header-size" (default 1MB) per active TCP connection. CVE-2016-9589
GHSA-p4xg-cpr9-vwvj

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:47:29.502852+00:00 GitLab Importer Fixing VCID-tzmu-y1p4-8bac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly/wildfly-undertow/CVE-2016-9589.yml 38.4.0
2026-04-16T20:49:21.380086+00:00 GitLab Importer Affected by VCID-zku3-qq4e-7fes https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly/wildfly-undertow/CVE-2018-1047.yml 38.4.0
2026-04-11T23:03:19.398276+00:00 GitLab Importer Fixing VCID-tzmu-y1p4-8bac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly/wildfly-undertow/CVE-2016-9589.yml 38.3.0
2026-04-11T22:00:24.954000+00:00 GitLab Importer Affected by VCID-zku3-qq4e-7fes https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly/wildfly-undertow/CVE-2018-1047.yml 38.3.0
2026-04-02T23:11:42.287553+00:00 GitLab Importer Fixing VCID-tzmu-y1p4-8bac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly/wildfly-undertow/CVE-2016-9589.yml 38.1.0
2026-04-02T22:13:30.046389+00:00 GitLab Importer Affected by VCID-zku3-qq4e-7fes https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly/wildfly-undertow/CVE-2018-1047.yml 38.1.0
2026-04-01T16:30:53.608173+00:00 GitLab Importer Affected by VCID-zku3-qq4e-7fes https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly/wildfly-undertow/CVE-2018-1047.yml 38.0.0
2026-04-01T16:01:37.760011+00:00 GHSA Importer Fixing VCID-tzmu-y1p4-8bac https://github.com/advisories/GHSA-p4xg-cpr9-vwvj 38.0.0
2026-04-01T13:08:58.738017+00:00 GithubOSV Importer Fixing VCID-tzmu-y1p4-8bac https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-p4xg-cpr9-vwvj/GHSA-p4xg-cpr9-vwvj.json 38.0.0
2026-04-01T12:50:07.664820+00:00 GitLab Importer Fixing VCID-tzmu-y1p4-8bac https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly/wildfly-undertow/CVE-2016-9589.yml 38.0.0