Red Hat · WildFly · CVE-2018-1047
Name of the Vulnerable Software and Affected Versions:
WildFly version 9.x
Description:
A path traversal flaw was found in WildFly. Through the `org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource` method, it could lead to information disclosure of arbitrary local files.
Recommendations:
For WildFly version 9.x, consider restricting access to the `org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource` method as a temporary workaround until a patch is available.