A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.1.0.Final, 20.0.0.Final, 20.0.1.Final, and 21.0.0.Final. When an application uses the OpenTracing API's java-interceptors, there is a possibility of a memory leak. This flaw allows an attacker to impact the availability of the server. The highest threat from this vulnerability is to system availability.

Affected Packages

Maven org.wildfly:wildfly-parent

Affected versions: 19.0.0.Final (fixed in 21.0.2.Final)

Maven org.wildfly:wildfly-parent

Affected versions: 22.0.0.Alpha1 (fixed in 22.0.0.Beta1)

Related CVEs

CVE-2020-27822

Key Information

GHSA ID

GHSA-qx3p-9mmp-4v8h

Published

May 24, 2022 5:35 PM

Last Modified

August 23, 2023 1:48 PM

CVSS Score

5.0 /10

Primary Ecosystem

Maven

Primary Package

org.wildfly:wildfly-parent

GitHub Reviewed

✓ Yes

Dataset

Last updated: August 2, 2025 6:46 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.