CVE-2020-27822

MEDIUM

Redhat Wildfly < 21.0.2.Final - Memory Leak

Title source: rule

Description

A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.1.0.Final, 20.0.0.Final, 20.0.1.Final, and 21.0.0.Final. When an application uses the OpenTracing API's java-interceptors, there is a possibility of a memory leak. This flaw allows an attacker to impact the availability of the server. The highest threat from this vulnerability is to system availability.

Scores

CVSS v3 5.9
EPSS 0.0034
EPSS Percentile 56.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE CWE-401
Status published

Affected Products (6)

redhat/wildfly
redhat/wildfly
redhat/wildfly
redhat/wildfly
redhat/wildfly
org.wildfly/wildfly-parent < 21.0.2.Final (Maven)

Timeline

Published Dec 08, 2020
Tracked Since Feb 18, 2026