WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files. This is an instance of the 'Zip Slip' vulnerability.
Metrics
Affected Vendors & Products
References
History
Fri, 23 Aug 2024 05:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7 |
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2018-07-27T14:00:00
Updated: 2024-08-05T07:46:47.486Z
Reserved: 2018-05-09T00:00:00
Link: CVE-2018-10862
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-07-27T14:29:00.300
Modified: 2024-11-21T03:42:10.053
Link: CVE-2018-10862
Redhat