We are seeing some critical and high vulnerabilities in some of the packages which are
bundled along with WildFly 32.0.1.Final:
1. dom4j:1.6 --> CVE-2020-10683 (critical)
2. aws-java-sdk-s3:1.11.750 --> CVE-2022-45688 (high)
3. json, version 20201115 --> CVE-2022-45688 (high)
4. undertow-core, version 2.3.12.Final --> CVE-2024-6162 (high)
5. xnio-api, version 3.8.13.Final --> CVE-2023-5685 (high)
6. activemq-artemis-native, version 2.0.0 --> CVE-2022-41678 (high)
7. spring-web, version 6.1.5 --> CVE-2024-22262 (high)
8. wildfly-elytron-realm-token, version 2.2.3.Final --> CVE-2024-1233 (high)
9. soap, version 2.3.1 --> CVE-2022-45378
Any guidance on how we can rectify these vulnerabilities while using WildFly
32.0.1.Final?
Thanks,
Pawan