The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of WildFly

WildFly: memory leak via Host Controller Connect Loop
An attacker can create a memory leak via Host Controller Connect Loop of WildFly, in order to trigger a denial of service...
CVE-2020-25689, VIGILANCE-VUL-33757, WFCORE-5105
WildFly OpenSSL: memory leak via HTTP Session End
An attacker can create a memory leak via HTTP Session End of WildFly OpenSSL, in order to trigger a denial of service...
CVE-2020-25644, RHBUG-1885485, RHSA-2020:4256-01, RHSA-2020:4257-01, RHSA-2020:4922-01, RHSA-2020:4923-01, RHSA-2020:4978-01, RHSA-2020:5340-01, RHSA-2020:5341-01, RHSA-2020:5342-01, RHSA-2020:5344-01, VIGILANCE-VUL-33574
WildFly: privilege escalation via Xerces XMLSchemaValidator use-grammar-pool-only
An attacker can bypass restrictions via Xerces XMLSchemaValidator use-grammar-pool-only of WildFly, in order to escalate his privileges...
CVE-2020-14338, RHBUG-1860054, RHSA-2020:4244-01, RHSA-2020:4245-01, RHSA-2020:4246-01, RHSA-2020:4247-01, RHSA-2020:4929-01, RHSA-2020:4930-01, RHSA-2020:4931-01, RHSA-2020:4932-01, VIGILANCE-VUL-33366
WildFly: privilege escalation via Security Manager
An attacker can bypass restrictions via Security Manager of WildFly, in order to escalate his privileges...
CVE-2019-14843, RHSA-2019:2973-01, RHSA-2019:2974-01, RHSA-2019:4018-01, RHSA-2019:4019-01, RHSA-2019:4020-01, RHSA-2019:4021-01, RHSA-2019:4040-01, RHSA-2019:4041-01, RHSA-2019:4042-01, RHSA-2019:4045-01, VIGILANCE-VUL-30542
Red Hat JBoss Enterprise Application Platform, WildFly: privilege escalation via ElytronManagedThread
An attacker can bypass restrictions via ElytronManagedThread of Red Hat JBoss Enterprise Application Platform, in order to escalate his privileges...
CVE-2019-3894, RHSA-2019:1106-01, RHSA-2019:1107-01, RHSA-2019:1108-01, RHSA-2019:1140-01, VIGILANCE-VUL-29228
WildFly: privilege escalation via PID File
An attacker can bypass restrictions via PID File of WildFly, in order to escalate his privileges...
CVE-2019-3805, RHSA-2019:1106-01, RHSA-2019:1107-01, RHSA-2019:1108-01, RHSA-2019:1140-01, VIGILANCE-VUL-29227
WildFly: Cross Site Scripting via JBoss Management Console
An attacker can trigger a Cross Site Scripting via JBoss Management Console of WildFly, in order to run JavaScript code in the context of the web site...
CVE-2018-10934, RHBUG-1615673, RHSA-2019:0362-01, RHSA-2019:0364-01, RHSA-2019:0365-01, RHSA-2019:0380-01, RHSA-2019:1159-01, RHSA-2019:1160-01, RHSA-2019:1161-01, RHSA-2019:1162-01, VIGILANCE-VUL-28538
WildFly: information disclosure via IIOP SSL Required
An attacker can bypass access restrictions to data via IIOP SSL Required of WildFly, in order to obtain sensitive information...
CVE-2018-14627, RHSA-2018:3527-01, RHSA-2018:3528-01, RHSA-2018:3529-01, RHSA-2018:3592-01, RHSA-2018:3593-01, RHSA-2018:3595-01, VIGILANCE-VUL-27147, WFLY-9107
WildFly: directory traversal
An attacker can traverse directories of WildFly, in order to create a file outside the service root path. This vulnerability is a member of the Zip Slip family (VIGILANCE-VUL-26357)...
1593527, CVE-2018-10862, RHSA-2018:2276-01, RHSA-2018:2277-01, RHSA-2018:2423-01, RHSA-2018:2424-01, RHSA-2018:2425-01, VIGILANCE-VUL-26853, WFCORE-3938
WildFly: directory traversal
An attacker can traverse directories of WildFly, in order to read a file outside the service root path...
CVE-2018-1047, RHSA-2018:1247-01, RHSA-2018:1248-01, RHSA-2018:1249-01, RHSA-2018:1251-01, VIGILANCE-VUL-25151, WFLY-9620
Our database contains other pages. You can request a free trial to read them.

Display information about WildFly: