CVE-2019-3805

Source
https://cve.org/CVERecord?id=CVE-2019-3805
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-3805.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-3805
Downstream
Published
2019-05-03T20:29:01.263Z
Modified
2026-04-11T12:00:40.357349Z
Severity
  • 4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
[none]
Details

A flaw was discovered in WildFly versions up to 16.0.0.Final that would allow local users who are able to execute the init.d script to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/, causing the init.d script to terminate any process as root.

Database specific
{
    "unresolved_ranges": [
        {
            "source": "CPE_FIELD",
            "cpe": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*",
            "extracted_events": [
                {
                    "last_affected": "6.0.0"
                }
            ]
        }
    ]
}
References

Affected packages

Git / github.com/wildfly/wildfly

Affected ranges

Type
GIT
Repo
https://github.com/wildfly/wildfly
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Last affected
Database specific
{
    "source": "CPE_FIELD",
    "cpe": [
        "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:redhat:wildfly:*:*:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0.0"
        },
        {
            "last_affected": "16.0.0"
        }
    ]
}

Affected versions

10.*
10.0.0.Alpha1
10.0.0.Alpha2
10.0.0.Alpha3
10.0.0.Alpha4
10.0.0.Alpha5
10.0.0.Alpha6
10.0.0.Beta1
10.0.0.Beta2
10.0.0.CR1
10.0.0.CR2
10.0.0.CR3
10.0.0.CR4
10.0.0.CR5
10.0.0.Final
11.*
11.0.0.CR1
11.0.0.Final
12.*
12.0.0.Beta1
12.0.0.CR1
12.0.0.Final
13.*
13.0.0.Beta1
14.*
14.0.0.Beta1
14.0.0.Beta2
14.0.0.Final
15.*
15.0.0.Beta1
15.0.0.Final
16.*
16.0.0.Beta1
16.0.0.Final
7.*
7.0.0.Alpha1
7.0.0.Alpha1-final
7.0.0.Beta1-prerelease
7.0.0.Beta2
7.0.0.Beta2-prerelease
7.0.0.Beta3
7.0.0.CR1
7.0.0.Final
7.0.0.Final-prerelease
7.0.0.Final-prerelease2
7.0.0.Final-prerelease3
7.1.0.Alpha1
7.1.0.Beta1
7.1.0.CR1
7.1.0.Final
7.1.0.Final-prerelease
7.1.0.Final-prerelease2
7.1.1.Final
7.1.2-prerelease
7.1.2.Final
7.2.0.Final
7.2.0.Final-prerelease1
8.*
8.0.0.Alpha1
8.0.0.Alpha2
8.0.0.Alpha3
8.0.0.Alpha4
8.0.0.Beta1
8.0.0.CR1
8.0.0.Final
8.1.0.CR1
8.1.0.CR2
9.*
9.0.0.Beta1
9.0.0.Beta2
9.0.0.CR1

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-3805.json"