Lucene search
K

7 matches found

OSV
OSV
added 2025/11/07 11:1 a.m.36 views

BIT-WILDFLY-2022-0866

This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the...

5.3CVSS7AI score0.00842EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-15908

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00842EPSS
Exploits0References11
Veracode
Veracode
added 2022/06/21 11:46 p.m.24 views

Denial Of Service (DoS)

eap7 is vulnerable to denail of service. The vulnerability exists due to a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal...

5.3CVSS7.1AI score0.00842EPSS
Exploits0References7Affected Software26
ATTACKERKB
ATTACKERKB
added 2022/05/10 9:15 p.m.5 views

CVE-2022-0866

This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the...

5.3CVSS5.9AI score0.00842EPSS
Exploits0References2
OSV
OSV
added 2022/05/10 9:15 p.m.24 views

CVE-2022-0866

This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the...

5.3CVSS6.5AI score
Exploits0References1
Prion
Prion
added 2022/05/10 9:15 p.m.17 views

Design/Logic Flaw

This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the...

4.3CVSS7AI score0.00842EPSS
Exploits0References1Affected Software3
Positive Technologies
Positive Technologies
added 2022/05/10 12:0 a.m.2 views

PT-2022-13484 · Red Hat · Elytron +2

Name of the Vulnerable Software and Affected Versions: JBoss EAP versions 7.1.0 and later WildFly versions 11 and later when Elytron is enabled Description: This issue is related to a concurrency problem that can cause the wrong caller principal to be returned from the session context of an EJB...

5.3CVSS4.9AI score0.00842EPSS
Exploits0References6
Rows per page
Query Builder