Vulnerabilities > Redhat > Wildfly > High

| Date | CVE | Vulnerability title | Description | Attack vector | Attack complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2022-09-13 | CVE-2022-1278 | Insecure Default Initialization of Resource vulnerability in Redhat products | A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain. | network | low complexity | redhat | CWE-1188 | 7.5 |
| 2020-09-16 | CVE-2020-10718 | Unspecified vulnerability in Redhat Jboss Fuse and Wildfly | A flaw was found in Wildfly before wildfly-embedded-13.0.0.Final, where the embedded managed process API has an exposed setting of the Thread Context Classloader (TCCL). | network | low complexity | redhat | | 7.5 |
| 2020-06-22 | CVE-2020-10740 | Deserialization of Untrusted Data vulnerability in Redhat Wildfly | A vulnerability was found in Wildfly in versions before 20.0.0.Final, where a remote deserialization attack is possible in the Enterprise Application Beans (EJB) due to lack of validation/filtering capabilities in wildfly. | network | high complexity | redhat | CWE-502 | 7.5 |
| 2019-05-03 | CVE-2019-3894 | Unspecified vulnerability in Redhat Jboss Enterprise Application Platform and Wildfly | It was discovered that the ElytronManagedThread in Wildfly's Elytron subsystem in versions from 11 to 16 stores a SecurityIdentity to run the thread as. | network | low complexity | redhat | | 8.8 |