REDHAT-BUG-1528361: Medium severity JBoss Wildfly vulnerability
A flaw was found in Wildfly 9.x. A path traversal vulnerability through the org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource method could lead to information disclosure of arbitrary local files.
Upstream bug:
https://issues.jboss.org/browse/WFLY-9620
References:
https://developer.jboss.org/thread/276826
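The kind of containment check a resource lookup needs to prevent this class of flaw, as an added example: this is not WildFly or Undertow code and not the upstream fix. The class `ConfinedResourceLookup`, its `getResource` signature, and the sample files are hypothetical and constructed for illustration.

```java
import java.io.IOException;
import java.nio.file.*;
import java.util.Optional;

// Added example: hypothetical class, not WildFly or Undertow code.
public class ConfinedResourceLookup {
    private final Path root;

    public ConfinedResourceLookup(Path deploymentRoot) throws IOException {
        // Resolve symlinks once so later comparisons use the real location.
        this.root = deploymentRoot.toRealPath();
    }

    /** Returns the file for a request path only if it resolves inside the root. */
    public Optional<Path> getResource(String requestPath) throws IOException {
        // General hardening: treat both separator characters alike on every platform.
        String rel = requestPath.replace('\\', '/');
        while (rel.startsWith("/")) rel = rel.substring(1);
        Path candidate;
        try {
            candidate = root.resolve(rel).normalize();
        } catch (InvalidPathException e) {
            return Optional.empty(); // e.g. embedded NUL byte
        }
        // Lexical check: the normalized path must still sit under the root.
        if (!candidate.startsWith(root) || !Files.isRegularFile(candidate)) {
            return Optional.empty();
        }
        // Physical check: follow symlinks and compare against the root again.
        Path real = candidate.toRealPath();
        return real.startsWith(root) ? Optional.of(real) : Optional.empty();
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample layout: one public file inside the root, one private file outside it.
        Path base = Files.createTempDirectory("demo");
        Path root = Files.createDirectory(base.resolve("deployment"));
        Files.writeString(root.resolve("index.html"), "public");
        Files.writeString(base.resolve("secret.txt"), "private");
        ConfinedResourceLookup lookup = new ConfinedResourceLookup(root);
        String[] requests = {"/index.html", "/../secret.txt", "/..\\secret.txt", "/a/../../secret.txt"};
        for (String p : requests) {
            System.out.println(p + " -> " + (lookup.getResource(p).isPresent() ? "served" : "rejected"));
        }
    }
}
```

Only `/index.html` is served; every request that normalizes to a location outside the deployment root is rejected before any file is opened.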
Frequently Asked Questions
What is the severity of REDHAT-BUG-1528361?
REDHAT-BUG-1528361 is classified as a high-severity vulnerability due to the potential for information disclosure.
How do I fix REDHAT-BUG-1528361?
To resolve REDHAT-BUG-1528361, it is recommended to upgrade to a patched version of Wildfly that addresses this vulnerability.
What versions of Wildfly are affected by REDHAT-BUG-1528361?
REDHAT-BUG-1528361 affects JBoss Wildfly versions 9.0 and above.
What type of vulnerability is REDHAT-BUG-1528361?
REDHAT-BUG-1528361 is a path traversal vulnerability that allows access to arbitrary local files.
What can be disclosed due to REDHAT-BUG-1528361?
REDHAT-BUG-1528361 can lead to the unintentional disclosure of sensitive information from local files.