9 matches found
EUVD-2020-12577
Malware in sbrugna...
Unauthorized Access
Soteria is vulnerable to unauthorized access. A security identity corruption across concurrent threads occurs when multiple concurrent requests are parsed...
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.2.8 on RHEL 7 (RHSA-2020:2059)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2059 advisory. This release of Red Hat JBoss Enterprise Application Platform 7.2.8 serves as a replacement for Red Hat JBoss Enterprise Application Platfor...
Soteria: security identity corruption across concurrent threads
A flaw was found in WildFly where multiple requests occurring concurrently could be handled using the identity of another request. This vulnerability occurs when using EE Security with WildFly Elytron. The largest threat from this vulnerability is data confidentiality and integrity...
Soteria: security identity corruption across concurrent threads
A flaw was found in WildFly where multiple requests occurring concurrently could be handled using the identity of another request. This vulnerability occurs when using EE Security with WildFly Elytron. The largest threat from this vulnerability is data confidentiality and integrity...
CVE-2020-1732
A flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption across concurrent threads when using EE Security with WildFly Elytron which can lead to the possibility of being handled using the identity from another request...
CVE-2020-1732
A flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption across concurrent threads when using EE Security with WildFly Elytron which can lead to the possibility of being handled using the identity from another request...
Design/Logic Flaw
A flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption across concurrent threads when using EE Security with WildFly Elytron which can lead to the possibility of being handled using the identity from another request...
CVE-2020-1732
CVE-2020-1732 refers to a flaw in Soteria prior to 1.0.1 where concurrent requests using EE Security with WildFly Elytron can cause security identity corruption across threads, potentially allowing an identity from one request to be used in another. Affected: Soteria (security identity handling) ...