pkg:maven/org.wildfly.security/wildfly-elytron
Type
maven
Namespace
org.wildfly.security
Name
wildfly-elytron
Known advisories, vulnerabilities and fixes for org.wildfly.security/wildfly-elytron package.
High
3
Moderate
1
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | = 1.16.0 >= 1.11.0, <= 1.15.4 <= 1.10.13 |
CVE-2021-3642
|
MAVEN:GHSA-5499-QJVH-6J7W | Observable Discrepancy in Wildfly Elytron | moderate |
2022-05-24T19:10:03
(2 years ago) |
|
Fixed | = 1.16.1 = 1.15.5 = 1.10.14 |
CVE-2021-3642
|
MAVEN:GHSA-5499-QJVH-6J7W | Observable Discrepancy in Wildfly Elytron | moderate |
2022-05-24T19:10:03
(2 years ago) |
|
Affected | <= 1.11.3 |
CVE-2020-10714
|
MAVEN:GHSA-7FHR-2694-RG79 | Session Fixation in WildFly Elytron | high |
2022-02-15T01:39:57
(2 years ago) |
|
Fixed | = 1.11.4 |
CVE-2020-10714
|
MAVEN:GHSA-7FHR-2694-RG79 | Session Fixation in WildFly Elytron | high |
2022-02-15T01:39:57
(2 years ago) |
|
Affected | >= 1.16.0.CR1, < 1.20.3.Final < 1.15.15.Final |
CVE-2022-3143
|
MAVEN:GHSA-JMJ6-P2J9-68CP | Wildfly-elytron possibly vulnerable to timing attacks via use of unsafe comparator | high |
2023-01-13T06:30:22
(20 months ago) |
|
Fixed | = 1.20.3.Final = 1.15.15.Final |
CVE-2022-3143
|
MAVEN:GHSA-JMJ6-P2J9-68CP | Wildfly-elytron possibly vulnerable to timing attacks via use of unsafe comparator | high |
2023-01-13T06:30:22
(20 months ago) |
|
Affected | <= 1.6.7 |
CVE-2020-1748
|
MAVEN:GHSA-QGRQ-CX4C-2RMM | Incorrect Authorization in WildFly Elytron | high |
2022-02-15T01:39:27
(2 years ago) |
|
Fixed | = 1.6.8 |
CVE-2020-1748
|
MAVEN:GHSA-QGRQ-CX4C-2RMM | Incorrect Authorization in WildFly Elytron | high |
2022-02-15T01:39:27
(2 years ago) |