CVE-2022-1278: Insecure Default Initialization of Resource

September 14, 2022 (updated September 15, 2022)

A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.

References

bugzilla.redhat.com/show_bug.cgi?id=2073401
github.com/advisories/GHSA-fmq7-gh8v-mjvc
issues.redhat.com/browse/WFLY-16238
nvd.nist.gov/vuln/detail/CVE-2022-1278

Detect and mitigate CVE-2022-1278 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →