Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jboss EAP Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2018-10862 - Vulnerability Database
Jboss EAP

Jboss EAP Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2018-10862

Medium
Reference: CVE-2018-10862
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-10862
Title: Jboss EAP Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Overview:

WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives allowing for the extraction of crafted .war archives to overwrite arbitrary files. This is an instance of the 39Zip Slip39 vulnerability.