Darran Lofthouse

2 exploits Active since May 2020
CVE-2021-3644 WRITEUP LOW WRITEUP
Redhat Descision Manager < 16.0.1.Final - Information Disclosure
A flaw was found in wildfly-core in all versions. If a vault expression is in the form of a single attribute that contains multiple expressions, a user who was granted access to the management interface can potentially access a vault expression they should not be able to access and possibly retrieve the item which was stored in the vault. The highest threat from this vulnerability is data confidentiality and integrity.
CVSS 3.3
CVE-2020-1732 WRITEUP MEDIUM WRITEUP
Soteria <1.0.1 - Privilege Escalation
A flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption across concurrent threads when using EE Security with WildFly Elytron which can lead to the possibility of being handled using the identity from another request.
CVSS 4.2