{"id":"CVE-2018-9117","details":"WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a specially crafted XML request, aka Directory Traversal.","modified":"2026-07-08T18:18:10.170790Z","published":"2018-03-29T07:29:00.370Z","references":[{"type":"WEB","url":"https://groups.google.com/forum/#%21topic/wiremock-user/PQ1UQzKZVl0"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/holomekc/wiremock","events":[{"introduced":"0"},{"fixed":"1329fba17238c8488079719662f534d8fd37ca8f"}],"database_specific":{"source":"CPE_RANGE","cpe":"cpe:2.3:a:wiremock:wiremock:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"fixed":"2.16.0"}]}}],"versions":["2.10.0","2.15.0","2.14.0","2.13.0","2.11.0","2.12.0","2.10.1","untagged-bdf8e8f86ab0c597e274","untagged-4e03592d74721087f03c","2.9.0","2.8.0","2.7.0","2.7.1","2.6.0","2.5.0","2.4.1","2.3.1","2.2.2","2.2.1","2.1.10","2.1.9","2.1.8","2.1.7","2.1.6","2.1.5-rc4","2.1.4-rc3","2.1.3-rc2","2.1.2-rc1","1.58","1.57","1.56","1.55","1.54","1.53","1.52-beta","1.52","1.51","1.50","1.49","1.48","1.47","1.46","1.44","1.43","1.42","1.41","1.40","1.39","1.38","1.37","1.36","1.33","release-1.25","release-1.14"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-9117.json"}},{"ranges":[{"type":"GIT","repo":"https://github.com/wiremock/wiremock","events":[{"introduced":"0"},{"fixed":"1329fba17238c8488079719662f534d8fd37ca8f"}],"database_specific":{"source":"CPE_RANGE","cpe":"cpe:2.3:a:wiremock:wiremock:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"fixed":"2.16.0"}]}}],"versions":["2.15.0","2.14.0","2.13.0","2.11.0","2.12.0","2.10.1","2.10.0","2.9.0","2.8.0","2.7.0","2.7.1","2.6.0","2.5.0","2.4.1","2.3.1","2.2.2","2.2.1","2.1.10","2.1.9","2.1.8","2.1.7","2.1.6","2.1.5-rc4","2.1.4-rc3","2.1.3-rc2","2.1.2-rc1","1.58","1.57","1.56","1.55","1.54","1.53","1.52-beta","1.52","1.51","1.50","1.49","1.48","1.47","1.46","1.44","1.43","1.42","1.41","1.40","1.39","1.38","1.37","1.36","1.33","release-1.25","release-1.14"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-9117.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}