This content has been marked as final.
Show 1 reply
-
1. Re: Mitigate CWE-502 in WF 9.0.2?
ctomc Dec 1, 2015 6:49 PM (in response to bjornwarmedal)there is no direct exposure to CVE mentioned as WildFly doesn't provide jmx-invoker anymore.
for more details see https://access.redhat.com/solutions/2045023
Quickest solution would probably be to manually update common-collections jar in org.apache.commons.collections module
to version 3.2.2 that has issue resolved.