CVE-2014-7816 was assigned to a vulnerability in JBoss Undertow [1]. This flaw was reported by Roberto Soares of Conviso Application Security. Issue Description: It was discovered that Undertow, when running on Microsoft Windows, is vulnerable to a directory traversal flaw. A remote attacker could use this flaw to read arbitrary files that are accessible to the user running the Java process. Fixed Version(s): undertow 1.0.17.Final, undertow 1.2.0.Beta3, undertow 1.1.0.CR5 Victims Record: https://github.com/victims/victims-cve-db/blob/master/database/java/2014/7816.yaml References: https://issues.jboss.org/browse/UNDERTOW-338 https://issues.jboss.org/browse/WFLY-4020 https://bugzilla.redhat.com/CVE-2014-7816 https://access.redhat.com/security/cve/CVE-2014-7816 -- Arun Neelicattu / Red Hat Product Security