VulnerableCode Package Details - pkg:maven/org.wildfly/wildfly-undertow@11.0.0.Final

Search for packages

Vulnerability	Summary	Fixed by
VCID-zku3-qq4e-7fes Aliases: CVE-2018-1047 GHSA-fmr4-w67p-vh8x	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') A flaw was found in Wildfly 9.x. A path traversal vulnerability through the org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource method could lead to information disclosure of arbitrary local files.	12.0.0.Final Affected by 0 other vulnerabilities. 12.0.0 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-zku3-qq4e-7fes
Aliases:
CVE-2018-1047
GHSA-fmr4-w67p-vh8x

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') A flaw was found in Wildfly 9.x. A path traversal vulnerability through the org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource method could lead to information disclosure of arbitrary local files.

12.0.0.Final
Affected by 0 other vulnerabilities.

12.0.0
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-ay2f-3xcv-dqdc	Improper Neutralization of CRLF Sequences in HTTP Headers CRLF injection vulnerability in the Undertow web server allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.	CVE-2016-4993 GHSA-qcqr-hcjq-whfq

Vulnerability

Summary

Aliases

VCID-ay2f-3xcv-dqdc

Improper Neutralization of CRLF Sequences in HTTP Headers CRLF injection vulnerability in the Undertow web server allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

CVE-2016-4993
GHSA-qcqr-hcjq-whfq

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T20:49:21.386631+00:00	GitLab Importer	Affected by	VCID-zku3-qq4e-7fes	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly/wildfly-undertow/CVE-2018-1047.yml	38.4.0
2026-04-11T22:00:24.961949+00:00	GitLab Importer	Affected by	VCID-zku3-qq4e-7fes	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly/wildfly-undertow/CVE-2018-1047.yml	38.3.0
2026-04-04T14:31:04.329341+00:00	GHSA Importer	Fixing	VCID-ay2f-3xcv-dqdc	https://github.com/advisories/GHSA-qcqr-hcjq-whfq	38.1.0
2026-04-03T21:25:59.906633+00:00	GitLab Importer	Fixing	VCID-ay2f-3xcv-dqdc	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly/wildfly-undertow/CVE-2016-4993.yml	38.1.0
2026-04-02T22:13:30.052740+00:00	GitLab Importer	Affected by	VCID-zku3-qq4e-7fes	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly/wildfly-undertow/CVE-2018-1047.yml	38.1.0
2026-04-01T16:30:53.616521+00:00	GitLab Importer	Affected by	VCID-zku3-qq4e-7fes	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.wildfly/wildfly-undertow/CVE-2018-1047.yml	38.0.0
2026-04-01T13:08:04.790611+00:00	GithubOSV Importer	Fixing	VCID-ay2f-3xcv-dqdc	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-qcqr-hcjq-whfq/GHSA-qcqr-hcjq-whfq.json	38.0.0