← volver
CVE-2020-25644

CVE-2020-25644

EPSS 2.2%CWE-401
A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may allow the attacker to cause OOM leading to a denial of service. The highest threat from this vulnerability is to system availability.
Productos afectados
n/a · wildfly-openssl

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugzilla.redhat.com/show_bug.cgi?id=1885485https://github.com/wildfly-security/wildfly-openssl-natives/pull/4/fileshttps://issues.redhat.com/browse/WFSSL-51https://security.netapp.com/advisory/ntap-20201016-0004/