Description
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity. Versions before wildfly 20.0.0.Final are affected.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=1796617
Related Vulnerabilities
CVE-2021-36374 Vulnerability in maven package org.apache.ant:ant
CVE-2020-1731 Vulnerability in maven package org.keycloak:keycloak-core
CVE-2022-24901 Vulnerability in npm package parse-server
CVE-2023-5571 Vulnerability in npm package @vrite/sdk
CVE-2023-29522 Vulnerability in maven package org.xwiki.platform:xwiki-platform-xclass-ui