High severityNVD Advisory· Published Oct 6, 2020· Updated Aug 4, 2024
CVE-2020-25644
CVE-2020-25644
Description
A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may allow the attacker to cause OOM leading to a denial of service. The highest threat from this vulnerability is to system availability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.wildfly.openssl:wildfly-openssl-natives-parentMaven | < 1.1.3.Final | 1.1.3.Final |
Affected products
2- WildFly/WildFly OpenSSLdescription
Patches
Vulnerability mechanics
References
9- github.com/advisories/GHSA-hxj4-885f-grgpghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-25644ghsaADVISORY
- bugzilla.redhat.com/show_bug.cgighsaWEB
- github.com/wildfly-security/wildfly-openssl-natives/commit/7c26514676f3fb0dee0bcaa7d4680f982372950fghsaWEB
- github.com/wildfly-security/wildfly-openssl-natives/pull/4ghsaWEB
- github.com/wildfly-security/wildfly-openssl-natives/pull/4/filesghsaWEB
- issues.redhat.com/browse/WFSSL-51ghsaWEB
- security.netapp.com/advisory/ntap-20201016-0004ghsaWEB
- security.netapp.com/advisory/ntap-20201016-0004/mitre
News mentions
0No linked articles in our index yet.