Lucene search
+L

5 matches found

nvd
nvd
added 2019/05/03 8:29 p.m.33 views

CVE-2019-3894

It was discovered that the ElytronManagedThread in Wildfly's Elytron subsystem in versions from 11 to 16 stores a SecurityIdentity to run the thread as. These threads do not necessarily terminate if the keep alive time has not expired. This could allow a shared thread to use the wrong security...

8.8CVSS6.1AI score0.01509EPSS
Exploits0References6
osv
osv
added 2019/05/03 8:29 p.m.28 views

CVE-2019-3894

It was discovered that the ElytronManagedThread in Wildfly's Elytron subsystem in versions from 11 to 16 stores a SecurityIdentity to run the thread as. These threads do not necessarily terminate if the keep alive time has not expired. This could allow a shared thread to use the wrong security...

8.8CVSS7.1AI score0.01509EPSS
Exploits0References6
prion
prion
added 2019/05/03 8:29 p.m.24 views

Code injection

It was discovered that the ElytronManagedThread in Wildfly's Elytron subsystem in versions from 11 to 16 stores a SecurityIdentity to run the thread as. These threads do not necessarily terminate if the keep alive time has not expired. This could allow a shared thread to use the wrong security...

6.5CVSS9AI score0.01509EPSS
Exploits0References6Affected Software2
cvelist
cvelist
added 2019/05/03 7:25 p.m.35 views

CVE-2019-3894

It was discovered that the ElytronManagedThread in Wildfly's Elytron subsystem in versions from 11 to 16 stores a SecurityIdentity to run the thread as. These threads do not necessarily terminate if the keep alive time has not expired. This could allow a shared thread to use the wrong security...

5.4CVSS8.5AI score0.01509EPSS
Exploits0References6
veracode
veracode
added 2019/05/02 5:48 a.m.20 views

Authorization Bypass

wildfly-ee is vulnerable to authorization bypass. The vulnerability exists as an incorrect SecurityIdentity for wildfly-ee concurrency could be used when a ElytronManagedThread that uses a different SecurityIdentity does not terminate from its previous thread and executes a new job...

8.8CVSS8.9AI score0.01509EPSS
Exploits0References9Affected Software40
Rows per page
Query Builder