Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe

Filtered by product Wildfly Core

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-3629	1 Redhat	6 Enterprise Linux, Integration, Jboss Enterprise Application Platform and 3 more	2022-07-29	5.0 MEDIUM	7.5 HIGH
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.40.Final and prior to 2.2.11.Final.
CVE-2021-3717	1 Redhat	4 Enterprise Linux, Jboss Enterprise Application Platform, Single Sign-on and 1 more	2022-06-09	4.6 MEDIUM	7.8 HIGH
A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine. The highest threat from this vulnerability is to confidentiality, integrity, and availability. This flaw affects wildfly-core versions prior to 17.0.