Maven package
org.wildfly.bom/wildfly
pkg:maven/org.wildfly.bom/wildfly
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-1278 | Hig | 7.5 | < 27.0.0.Beta1 | 27.0.0.Beta1 | Sep 13, 2022 | A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain. | |
| CVE-2020-1719 | Med | 5.4 | < 20.0.0.Final | 20.0.0.Final | Jun 7, 2021 | A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity. Versions before wildfly 20.0.0.Final are affected. |
- affected < 27.0.0.Beta1fixed 27.0.0.Beta1
A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.
- affected < 20.0.0.Finalfixed 20.0.0.Final
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity. Versions before wildfly 20.0.0.Final are affected.