CVE-2018-9117

Source
https://cve.org/CVERecord?id=CVE-2018-9117
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-9117.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-9117
Published
2018-03-29T07:29:00.370Z
Modified
2026-07-08T18:18:10.170790Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a specially crafted XML request, aka Directory Traversal.

References

Affected packages

Git / github.com/holomekc/wiremock

Affected ranges

Type
GIT
Repo
https://github.com/holomekc/wiremock
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "cpe": "cpe:2.3:a:wiremock:wiremock:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.16.0"
        }
    ],
    "source": "CPE_RANGE"
}

Affected versions

1.*
1.33
1.36
1.37
1.38
1.39
1.40
1.41
1.42
1.43
1.44
1.46
1.47
1.48
1.49
1.50
1.51
1.52
1.52-beta
1.53
1.54
1.55
1.56
1.57
1.58
2.*
2.1.10
2.1.2-rc1
2.1.3-rc2
2.1.4-rc3
2.1.5-rc4
2.1.6
2.1.7
2.1.8
2.1.9
2.10.0
2.10.1
2.11.0
2.12.0
2.13.0
2.14.0
2.15.0
2.2.1
2.2.2
2.3.1
2.4.1
2.5.0
2.6.0
2.7.0
2.7.1
2.8.0
2.9.0
release-1.*
release-1.14
release-1.25
Other
untagged-4e03592d74721087f03c
untagged-bdf8e8f86ab0c597e274

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-9117.json"

Git / github.com/wiremock/wiremock

Affected ranges

Type
GIT
Repo
https://github.com/wiremock/wiremock
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "cpe": "cpe:2.3:a:wiremock:wiremock:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.16.0"
        }
    ],
    "source": "CPE_RANGE"
}

Affected versions

1.*
1.33
1.36
1.37
1.38
1.39
1.40
1.41
1.42
1.43
1.44
1.46
1.47
1.48
1.49
1.50
1.51
1.52
1.52-beta
1.53
1.54
1.55
1.56
1.57
1.58
2.*
2.1.10
2.1.2-rc1
2.1.3-rc2
2.1.4-rc3
2.1.5-rc4
2.1.6
2.1.7
2.1.8
2.1.9
2.10.0
2.10.1
2.11.0
2.12.0
2.13.0
2.14.0
2.15.0
2.2.1
2.2.2
2.3.1
2.4.1
2.5.0
2.6.0
2.7.0
2.7.1
2.8.0
2.9.0
release-1.*
release-1.14
release-1.25

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-9117.json"