Known Vulnerabilities for Wildfly by Redhat
Listed below are 10 of the newest known vulnerabilities associated with "Wildfly" by "Redhat".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed, based on information from known CPEs.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-1278 | A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may ... | 7.5 - HIGH | 2022-09-13 | 2023-03-22 |
| CVE-2022-0866 | This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB t... | 5.3 - MEDIUM | 2022-05-10 | 2022-05-18 |
| CVE-2021-3644 | A flaw was found in wildfly-core in all versions. If a vault expression is in the form of a single attribute that contains mu... | 3.3 - LOW | 2022-08-26 | 2022-08-31 |
| CVE-2021-3536 | A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in domain mode via the admin console, i... | 4.8 - MEDIUM | 2021-05-20 | 2021-05-26 |
| CVE-2021-3503 | A flaw was found in Wildfly where insufficient RBAC restrictions may lead to expose metrics data. The highest threat from thi... | 4.3 - MEDIUM | 2022-04-18 | 2022-10-25 |
| CVE-2020-27822 | A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.1.0.Final, 20.0.0.Final, 20.0.1.Final, and 21.0.0.Final. When... | 5.9 - MEDIUM | 2020-12-08 | 2020-12-14 |
| CVE-2020-25689 | A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loo... | 6.5 - MEDIUM | 2020-11-02 | 2023-02-12 |
| CVE-2020-25640 | A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on... | 5.3 - MEDIUM | 2020-11-24 | 2023-11-07 |
| CVE-2020-14317 | It was found that the issue for security flaw CVE-2019-3805 appeared again in a further version of JBoss Enterprise Applicati... | 5.5 - MEDIUM | 2021-06-02 | 2021-06-10 |
| CVE-2020-10740 | A vulnerability was found in Wildfly in versions before 20.0.0.Final, where a remote deserialization attack is possible in th... | 7.5 - HIGH | 2020-06-22 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Redhat | Wildfly | 9.0.2 | | | |
| Application | Redhat | Wildfly | 9.0.1 | | | |
| Application | Redhat | Wildfly | 9.0.0 | | | |
| Application | Redhat | Wildfly | 9.0.0 | | | |
| Application | Redhat | Wildfly | 9.0.0 | | | |
| Application | Redhat | Wildfly | 9.0.0 | | | |
| Application | Redhat | Wildfly | 9.0.0 | | | |
| Application | Redhat | Wildfly | 9.0.0 | | | |
| Application | Redhat | Wildfly | 8.2.1 | | | |
| Application | Redhat | Wildfly | 8.1.0 | | | |
| Application | Redhat | Wildfly | 8.1.0 | | | |
| Application | Redhat | Wildfly | 8.1.0 | | | |
| Application | Redhat | Wildfly | 8.0.0 | | | |
| Application | Redhat | Wildfly | 8.0.0 | | | |
| Application | Redhat | Wildfly | 8.0.0 | | | |
| Application | Redhat | Wildfly | 8.0.0 | | | |
| Application | Redhat | Wildfly | 8.0.0 | | | |
| Application | Redhat | Wildfly | 8.0.0 | | | |
| Application | Redhat | Wildfly | 8.0.0 | | | |
| Application | Redhat | Wildfly | 7.2.5 |