GHSA-x7g6-rwhc-g7mj

Source

https://github.com/advisories/GHSA-x7g6-rwhc-g7mj

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-x7g6-rwhc-g7mj/GHSA-x7g6-rwhc-g7mj.json

Aliases

CVE-2024-4029

Published

2024-05-02T15:30:35Z

Modified

2024-05-03T20:28:32.450020Z

Summary

Wildfly vulnerable to denial of service

Details

A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.

References

Affected packages

Maven / org.wildfly:wildfly-domain-http

Package

Name: org.wildfly:wildfly-domain-http

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Last affected

24.0.0.Final

Affected versions

8.*

8.0.0.Alpha1

8.0.0.Alpha2

8.0.0.Alpha3

8.0.0.Alpha4

8.0.0.Beta1

8.0.0.CR1

8.0.0.Final

8.1.0.CR1

8.1.0.CR2

8.1.0.Final

8.2.0.Final

8.2.1.Final