Description
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity. Versions before wildfly 20.0.0.Final are affected.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=1796617
Related Vulnerabilities
CVE-2012-4449 Vulnerability in maven package org.apache.hadoop:hadoop-core
CVE-2022-4350 Vulnerability in maven package net.mingsoft:ms-mcms
CVE-2018-10899 Vulnerability in maven package org.jolokia:jolokia-core
CVE-2022-30973 Vulnerability in maven package org.apache.tika:tika
CVE-2021-21266 Vulnerability in maven package org.openhab.addons.bundles:org.openhab.transform.xpath