CVE-2020-27822

CWE-401Memory Leak5 documents5 sources
Severity
5.9MEDIUM
EPSS
0.3%
top 43.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Wildfly
Timeline
PublishedDec 8
Latest updateMay 24

Description

A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.1.0.Final, 20.0.0.Final, 20.0.1.Final, and 21.0.0.Final. When an application uses the OpenTracing API's java-interceptors, there is a possibility of a memory leak. This flaw allows an attacker to impact the availability of the server. The highest threat from this vulnerability is to system availability.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages3 packages

Mavenorg.wildfly:wildfly-parent19.0.0.Final21.0.2.Final+1
CVEListV5wildfly19.0.0.Final, 19.1.0.Final, 20.0.0.Final, 20.0.1.Final, 21.0.0.Final
NVDredhat/wildfly5 versions+4

🔴Vulnerability Details

3
GHSA
Wildfly has a memory leak vulnerability2022-05-24
OSV
Wildfly has a memory leak vulnerability2022-05-24
CVEList
CVE-2020-27822: A flaw was found in Wildfly affecting versions 192020-12-08

📋Vendor Advisories

1
Red Hat
wildfly: Potential Memory leak in Wildfly when using OpenTracing2020-12-04