VulnerableCode Package Details - pkg:maven/org.jboss.eap/wildfly-undertow@7.1.0.GA

Search for packages

Vulnerability	Summary	Fixed by
VCID-zx9t-54kg-aaam Aliases: CVE-2018-1048 GHSA-prfw-3qx6-g9xr	Path Traversal The AJP connector in undertow does not use the `ALLOW_ENCODED_SLASH` option and thus allow the the slash / anti-slash characters encoded in the url which may lead to path traversal and result in the information disclosure of arbitrary local files.	7.1.1.GA Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-zx9t-54kg-aaam
Aliases:
CVE-2018-1048
GHSA-prfw-3qx6-g9xr

Path Traversal The AJP connector in undertow does not use the `ALLOW_ENCODED_SLASH` option and thus allow the the slash / anti-slash characters encoded in the url which may lead to path traversal and result in the information disclosure of arbitrary local files.

7.1.1.GA
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-01-17T02:31:07.076359+00:00	GHSA Importer	Affected by	VCID-zx9t-54kg-aaam	None	35.1.0
2024-09-18T09:11:24.058381+00:00	GithubOSV Importer	Affected by	VCID-zx9t-54kg-aaam	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-prfw-3qx6-g9xr/GHSA-prfw-3qx6-g9xr.json	34.0.1
2024-09-17T22:37:18.142903+00:00	GitLab Importer	Affected by	VCID-zx9t-54kg-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jboss.eap/wildfly-undertow/CVE-2018-1048.yml	34.0.1
2024-09-17T22:04:34.076854+00:00	GHSA Importer	Affected by	VCID-zx9t-54kg-aaam	https://github.com/advisories/GHSA-prfw-3qx6-g9xr	34.0.1
2024-04-23T23:06:53.614518+00:00	GithubOSV Importer	Affected by	VCID-zx9t-54kg-aaam	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-prfw-3qx6-g9xr/GHSA-prfw-3qx6-g9xr.json	34.0.0rc4
2024-01-03T18:00:15.502198+00:00	GitLab Importer	Affected by	VCID-zx9t-54kg-aaam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jboss.eap/wildfly-undertow/CVE-2018-1048.yml	34.0.0rc1
2024-01-03T17:39:23.710864+00:00	GHSA Importer	Affected by	VCID-zx9t-54kg-aaam	https://github.com/advisories/GHSA-prfw-3qx6-g9xr	34.0.0rc1