CVE-2020-25644

Summary

A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may allow the attacker to cause OOM leading to a denial of service. The highest threat from this vulnerability is to system availability.

Affected Software

VendorProductVersion RangeStatus
n/awildfly-opensslbefore wildfly-openssl 1.1.3.Finalaffected

Weaknesses

  • CWE-401: CWE-401

ADP Enrichment

CVE Program Container

Additional References

References