[MAVEN:GHSA-FMQ7-GH8V-MJVC] WildFly vulnerable to Insecure Default Initialization of Resource

Severity High

Affected Packages 1

Fixed Packages 1

CVEs 1

A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.

Package	Affected Version
pkg:maven/org.wildfly.bom/wildfly	< 27.0.0.Beta1

Package	Fixed Version
pkg:maven/org.wildfly.bom/wildfly	= 27.0.0.Beta1

ID: MAVEN:GHSA-FMQ7-GH8V-MJVC
Severity: high
URL: https://github.com/advisories/GHSA-fmq7-gh8v-mjvc
Published: 2022-09-14T00:00:48
(2 years ago)
Modified: 2023-01-27T05:02:40
(20 months ago)
Rights: Maven Security Team

Source	# ID	Name	URL
			https://nvd.nist.gov/vuln/detail/CVE-2022-1278
			https://bugzilla.redhat.com/show_bug.cgi?id=2073401
			https://issues.redhat.com/browse/WFLY-16238
			https://github.com/advisories/GHSA-fmq7-gh8v-mjvc

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch	Patch / Fix
Affected	pkg:maven/org.wildfly.bom/wildfly	org.wildfly.bom	wildfly	< 27.0.0.Beta1
Fixed	pkg:maven/org.wildfly.bom/wildfly	org.wildfly.bom	wildfly	= 27.0.0.Beta1

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date