Description
A flaw was found in Wildfly Elytron where ScramServer may be susceptible to Timing Attack if enabled. The highest threat of this vulnerability is confidentiality. This flaw affectes Wildfly Elytron versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final.
Remediation
References
Related Vulnerabilities
Squid Integer Overflow or Wraparound Vulnerability (CVE-2020-11945)
WordPress Plugin Data Tables Generator by Supsystic Multiple Vulnerabilities (1.9.91)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6102)
TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2019-19849)