org.wildfly.core:wildfly-core-feature-pack-galleon-common@17.0.0.Beta2 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the org.wildfly.core:wildfly-core-feature-pack-galleon-common package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Information Exposure

org.wildfly.core:wildfly-core-feature-pack-galleon-common is a the core runtime that is used by the Wildfly application server

Affected versions of this package are vulnerable to Information Exposure via an incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine.

How to fix Information Exposure?

Upgrade org.wildfly.core:wildfly-core-feature-pack-galleon-common to version 17.0.0.Beta6 or higher.

[,17.0.0.Beta6)