VYPR

Maven package

org.wildfly.core/wildfly-server

pkg:maven/org.wildfly.core/wildfly-server

Vulnerabilities (3)

  • CVE-2025-23367Jan 30, 2025
    affected < 27.0.1.Finalfixed 27.0.1.Final

    A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Mo

  • CVE-2021-3644Aug 26, 2022
    affected < 16.0.1.Finalfixed 16.0.1.Final

    A flaw was found in wildfly-core in all versions. If a vault expression is in the form of a single attribute that contains multiple expressions, a user who was granted access to the management interface can potentially access a vault expression they should not be able to access a

  • CVE-2018-10862MedJul 27, 2018
    affected < 6.0.0.Alpha3fixed 6.0.0.Alpha3

    WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files. This is an instance of the 'Zip Slip' vulnerability.