PT-2020-16805 · Red Hat · Wildfly

Michael Kaplan

Published

2020-12-08

Updated

2024-03-06

CVE-2020-27822

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Wildfly versions 19.0.0.Final through 21.0.0.Final

Description A flaw in Wildfly allows for a memory leak when an application uses the OpenTracing API's java-interceptors. This issue can be exploited by an attacker to impact the availability of the server, with the highest threat being to system availability.

Recommendations For versions 19.0.0.Final through 21.0.0.Final, update to a version that includes a fix for this issue to prevent potential memory leaks and impact on system availability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

BIT-WILDFLY-2020-27822

CVE-2020-27822

GHSA-QX3P-9MMP-4V8H

RHSA-2021:0246

RHSA-2021:0247

RHSA-2021:0248

Affected Products

Wildfly

PT-2020-16805 · Red Hat · Wildfly

CVE-2020-27822

Weakness Enumeration

Related Identifiers

Affected Products

References · 12