wildfly

Direct Vulnerabilities

Known vulnerabilities in the wildfly package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
GHSA-5jmj-h7xm-6q6v

<40.0.1-r4
  • L
Improperly Controlled Modification of Dynamically-Determined Object Attributes

<40.0.1-r4
  • M
Incorrect Authorization

<40.0.1-r3
  • L
GHSA-rf99-f9j2-gv3f

<40.0.1-r3
  • L
GHSA-hvcg-qmg6-jm4c

<40.0.0-r6
  • L
HTTP Request Smuggling

<40.0.0-r6
  • L
GHSA-w573-9ffj-6ff9

<40.0.0-r5
  • L
Information Exposure

<40.0.0-r5
  • L
GHSA-5x3r-wrvg-rp6q

<40.0.0-r4
  • L
Resource Exhaustion

<40.0.0-r4
  • L
GHSA-5pvg-856g-cp85

<40.0.0-r3
  • H
Resource Exhaustion

<40.0.0-r4
  • L
GHSA-c2gf-v879-257j

<40.0.0-r4
  • L
GHSA-676x-f7gg-47vc

<40.0.0-r3
  • C
Insufficient Verification of Data Authenticity

<40.0.0-r3
  • L
GHSA-xmv7-r254-6q78

<40.0.0-r3
  • C
Insufficient Verification of Data Authenticity

<40.0.0-r3
  • L
Use of Insufficiently Random Values

<40.0.0-r3
  • L
Allocation of Resources Without Limits or Throttling

<40.0.0-r1
  • L
Improper Access Control

<40.0.0-r1
  • L
GHSA-3qp7-7mw8-wx86

<40.0.0-r1
  • L
GHSA-x4gw-5cx5-pgmh

<40.0.0-r1
  • L
GHSA-fw88-pf9m-p947

<40.0.0-r0
  • L
GHSA-5qcv-4rpc-jp93

<40.0.0-r0
  • L
GHSA-wf66-mphr-4c4r

<40.0.0-r0
  • L
GHSA-3x3v-w654-m28m

<40.0.0-r0
  • L
Information Exposure Through Server Log Files

<40.0.0-r0
  • L
GHSA-3g76-f9xq-8vp6

<40.0.0-r0
  • C
Missing Authentication for Critical Function

<40.0.0-r0
  • M
Allocation of Resources Without Limits or Throttling

<40.0.0-r0
  • L
Race Condition

<40.0.0-r0
  • H
Allocation of Resources Without Limits or Throttling

<40.0.0-r0
  • H
HTTP Response Splitting

<39.0.1-r11
  • L
GHSA-45q3-82m4-75jr

<39.0.1-r11
  • L
GHSA-mj4r-2hfc-f8p6

<39.0.1-r10
  • L
Resource Exhaustion

<39.0.1-r10
  • L
Missing Release of Resource after Effective Lifetime

<39.0.1-r9
  • L
GHSA-rwm7-x88c-3g2p

<39.0.1-r9
  • L
Resource Exhaustion

<39.0.1-r9
  • L
GHSA-f6hv-jmp6-3vwv

<39.0.1-r9
  • C
Improper Input Validation

<39.0.1-r8
  • L
GHSA-cm33-6792-r9fm

<39.0.1-r8
  • L
GHSA-g36m-9g3m-2vmp

<39.0.1-r7
  • L
Resource Exhaustion

<39.0.1-r7
  • L
GHSA-287c-fxr7-3w6c

<39.0.1-r7
  • H
Server-Side Request Forgery (SSRF)

<39.0.1-r7
  • L
Resource Exhaustion

<39.0.1-r7
  • L
GHSA-2hfh-9h53-qc24

<39.0.1-r7
  • L
CRLF Injection

<39.0.1-r6
  • L
GHSA-v8h7-rr48-vmmv

<39.0.1-r6
  • L
CVE-2026-5598

<39.0.1-r5
  • L
CVE-2026-3505

<39.0.1-r5
  • L
GHSA-wg6q-6289-32hp

<39.0.1-r5
  • L
CVE-2026-5588

<39.0.1-r5
  • L
GHSA-c3fc-8qff-9hwx

<39.0.1-r5
  • L
GHSA-cj8j-37rh-8475

<39.0.1-r5
  • L
CVE-2026-0636

<39.0.1-r5
  • L
GHSA-p93r-85wp-75v3

<39.0.1-r5
  • L
GHSA-w9fj-cfpg-grvv

<39.0.1-r3
  • H
Allocation of Resources Without Limits or Throttling

<39.0.1-r3
  • L
GHSA-pwqr-wmgm-9rr8

<39.0.1-r2
  • L
HTTP Request Smuggling

<39.0.1-r2
  • H
Improper Input Validation

<39.0.0-r0
  • L
GHSA-xwmg-2g98-w7v9

<36.0.1-r6
  • L
GHSA-389x-839f-4rhx

<35.0.1-r12
  • L
GHSA-6h4f-pj3g-q8fq

<39.0.0-r0
  • L
Resource Exhaustion

<35.0.1-r12
  • H
Improper Neutralization

<36.0.1-r8
  • L
Uncontrolled Recursion

<36.0.1-r6
  • L
GHSA-cphf-4846-3xx9

<38.0.1-r2
  • L
GHSA-72hv-8253-57qq

<39.0.1-r1
  • L
GHSA-9342-92gg-6v29

<36.0.1-r8
  • H
Improperly Controlled Sequential Memory Allocation

<35.0.1-r14
  • L
GHSA-gfh6-3pqw-x2j4

<35.0.1-r14
  • M
HTTP Request Smuggling

<38.0.1-r2
  • L
GHSA-j288-q9x7-2f5v

<36.0.1-r6
  • L
Uncontrolled Recursion

<36.0.1-r6
  • H
Allocation of Resources Without Limits or Throttling

<37.0.0-r1
  • L
GHSA-prj3-ccx8-p6x4

<37.0.0-r1
  • L
GHSA-fghv-69vj-qj49

<37.0.1-r1
  • L
CVE-2025-24970

<35.0.1-r12
  • L
CVE-2025-48734

<36.0.1-r4
  • H
HTTP Request Smuggling

<37.0.1-r1
  • L
GHSA-wxr5-93ph-8wr9

<36.0.1-r4
  • L
GHSA-36wv-v2qp-v4g4

<36.0.1-r7
  • L
Resource Exhaustion

<36.0.1-r7
  • L
GHSA-4g8c-wm8x-jfhw

<35.0.1-r12
  • L
GHSA-vgq5-3255-v292

<36.0.1-r5
  • L
CRLF Injection

<38.0.1-r1
  • L
GHSA-84h7-rjj3-6jx4

<38.0.1-r1
  • L
CVE-2025-27817

<36.0.1-r5
  • L
CVE-2025-48913

<36.0.1-r8
  • L
GHSA-3w85-5p9g-h334

<35.0.1-r17
  • L
GHSA-95h4-w6j8-2rp8

<38.0.0-r0
  • L
GHSA-g4px-6qhm-hqjm

<36.0.1-r8
  • M
Insufficient Verification of Data Authenticity

<35.0.1-r16
  • M
Incorrect Authorization

<35.0.1-r17
  • L
Allocation of Resources Without Limits or Throttling

<38.0.0-r0
  • L
GHSA-5565-3c98-g6jc

<35.0.1-r16
  • M
XML External Entity (XXE) Injection

<36.0.1-r1
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

<37.0.1-r0
  • M
Resource Exhaustion

<35.0.1-r12
  • L
GHSA-j382-5jj3-vw4j

<39.0.0-r0
  • L
GHSA-vrpq-qp53-qv56

<36.0.1-r1
  • L
GHSA-78wr-2p64-hpwj

<35.0.1-r12
  • L
GHSA-3p8m-j85q-pgmj

<37.0.1-r0
  • C
Improper Input Validation

<39.0.0-r0