The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of WildFly

Wildfly: memory leak via OpenTracing API
An attacker can create a memory leak via OpenTracing API of Wildfly, in order to trigger a denial of service...
CVE-2020-27822, RHBUG-1904060, RHSA-2021:0246-01, RHSA-2021:0247-01, RHSA-2021:0248-01, RHSA-2021:0250-01, RHSA-2021:0317-01, VIGILANCE-VUL-34049
WildFly: password leak in log file
An attacker can retrieve usernames and associated passwords in WildFly log files...
13, CVE-2020-25640, RHSA-2021:0246-01, RHSA-2021:0247-01, RHSA-2021:0248-01, RHSA-2021:0250-01, VIGILANCE-VUL-33970
WildFly: memory leak via Host Controller Connect Loop
An attacker can create a memory leak via Host Controller Connect Loop of WildFly, in order to trigger a denial of service...
CVE-2020-25689, RHSA-2021:0246-01, RHSA-2021:0247-01, RHSA-2021:0248-01, RHSA-2021:0250-01, VIGILANCE-VUL-33757, WFCORE-5105
WildFly OpenSSL: memory leak via HTTP Session End
An attacker can create a memory leak via HTTP Session End of WildFly OpenSSL, in order to trigger a denial of service...
CVE-2020-25644, RHBUG-1885485, RHSA-2020:4256-01, RHSA-2020:4257-01, RHSA-2020:4922-01, RHSA-2020:4923-01, RHSA-2020:4978-01, RHSA-2020:5340-01, RHSA-2020:5341-01, RHSA-2020:5342-01, RHSA-2020:5344-01, VIGILANCE-VUL-33574
WildFly: privilege escalation via Xerces XMLSchemaValidator use-grammar-pool-only
An attacker can bypass restrictions via Xerces XMLSchemaValidator use-grammar-pool-only of WildFly, in order to escalate his privileges...
CVE-2020-14338, RHBUG-1860054, RHSA-2020:4244-01, RHSA-2020:4245-01, RHSA-2020:4246-01, RHSA-2020:4247-01, RHSA-2020:4929-01, RHSA-2020:4930-01, RHSA-2020:4931-01, RHSA-2020:4932-01, VIGILANCE-VUL-33366
Wildfly: code execution via EJB Deserialization
An attacker can use a vulnerability via EJB Deserialization of Wildfly, in order to run code...
CVE-2020-10740, RHBUG-1834512, RHSA-2020:3141-01, RHSA-2020:3142-01, RHSA-2020:3143-01, RHSA-2020:3144-01, RHSA-2020:3461-01, RHSA-2020:3462-01, RHSA-2020:3463-01, RHSA-2020:3464-01, RHSA-2020:3495-01, RHSA-2020:3496-01, RHSA-2020:3497-01, RHSA-2020:3501-01, RHSA-2020:3637-01, RHSA-2020:3638-01, RHSA-2020:3639-01, RHSA-2020:3642-01, VIGILANCE-VUL-32602
WildFly: privilege escalation via Security Manager
An attacker can bypass restrictions via Security Manager of WildFly, in order to escalate his privileges...
CVE-2019-14843, RHSA-2019:2973-01, RHSA-2019:2974-01, RHSA-2019:4018-01, RHSA-2019:4019-01, RHSA-2019:4020-01, RHSA-2019:4021-01, RHSA-2019:4040-01, RHSA-2019:4041-01, RHSA-2019:4042-01, RHSA-2019:4045-01, VIGILANCE-VUL-30542
Red Hat JBoss Enterprise Application Platform, WildFly: privilege escalation via ElytronManagedThread
An attacker can bypass restrictions via ElytronManagedThread of Red Hat JBoss Enterprise Application Platform, in order to escalate his privileges...
CVE-2019-3894, RHSA-2019:1106-01, RHSA-2019:1107-01, RHSA-2019:1108-01, RHSA-2019:1140-01, VIGILANCE-VUL-29228
WildFly: privilege escalation via PID File
An attacker can bypass restrictions via PID File of WildFly, in order to escalate his privileges...
CVE-2019-3805, RHSA-2019:1106-01, RHSA-2019:1107-01, RHSA-2019:1108-01, RHSA-2019:1140-01, VIGILANCE-VUL-29227
WildFly: Cross Site Scripting via JBoss Management Console
An attacker can trigger a Cross Site Scripting via JBoss Management Console of WildFly, in order to run JavaScript code in the context of the web site...
CVE-2018-10934, RHBUG-1615673, RHSA-2019:0362-01, RHSA-2019:0364-01, RHSA-2019:0365-01, RHSA-2019:0380-01, RHSA-2019:1159-01, RHSA-2019:1160-01, RHSA-2019:1161-01, RHSA-2019:1162-01, VIGILANCE-VUL-28538
Our database contains other pages. You can request a free trial to read them.

Display information about WildFly: