Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-4020

CVE-2014-7816 Information disclosure via directory traversal

    XMLWordPrintable

Details

    Description

      Directory traversal vulnerability allows access to arbitrary files. This can be triggered by using `dot dot` prefix to requested resource URI.

      Refer to CVE-2014-7816 for more information.

      Undertow issue is at UNDERTOW-338.

      Note that at the time of filing this is under embargo until instructed by the original reporter.

      Attachments

        Activity

          People

            sdouglas1@redhat.com Stuart Douglas
            abn_jira Arun Neelicattu (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: