Vulnerabilities > Redhat > Wildfly Elytron
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-13 | CVE-2022-3143 | Information Exposure Through Discrepancy vulnerability in Redhat products wildfly-elytron: possible timing attacks via use of unsafe comparator. | 7.4 |
| 2021-08-05 | CVE-2021-3642 | A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where ScramServer may be susceptible to Timing Attack if enabled. | 5.3 |
| 2020-09-23 | CVE-2020-10714 | A flaw was found in WildFly Elytron version 1.11.3.Final and before. | 7.5 |
| 2020-09-16 | CVE-2020-1748 | Unspecified vulnerability in Redhat Wildfly Elytron A flaw was found in all supported versions before wildfly-elytron-1.6.8.Final-redhat-00001, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. | 7.5 |