A flaw was found in all supported versions before wildfly-elytron-1.6.8.Final-redhat-00001, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in improper authorization. This flaw leads to information exposure through unauthenticated access to secure resources.

| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| org.wildfly.security:wildfly-elytron (Maven) | 0 | 1.6.8 | N/A |

CVSS Metrics