BIT-wildfly-2020-27822

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/wildfly/BIT-wildfly-2020-27822.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-wildfly-2020-27822
Aliases
Published
2024-03-06T11:09:03.780Z
Modified
2024-03-06T11:25:28.861Z
Summary
[none]
Details

A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.1.0.Final, 20.0.0.Final, 20.0.1.Final, and 21.0.0.Final. When an application uses the OpenTracing API's java-interceptors, there is a possibility of a memory leak. This flaw allows an attacker to impact the availability of the server. The highest threat from this vulnerability is to system availability.

Database specific
{
    "cpes": [
        "cpe:2.3:a:redhat:wildfly:19.0.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:redhat:wildfly:19.1.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:redhat:wildfly:20.0.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:redhat:wildfly:20.0.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:redhat:wildfly:21.0.0:*:*:*:*:*:*:*"
    ],
    "severity": "Medium"
}
References

Affected packages

Bitnami / wildfly

Package

Name
wildfly
Purl
pkg:bitnami/wildfly

Severity

  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
19.0.0
Last affected
19.0.0
Introduced
19.1.0
Last affected
19.1.0
Introduced
20.0.0
Last affected
20.0.0
Introduced
20.0.1
Last affected
20.0.1
Introduced
21.0.0
Last affected
21.0.0