7 matches found
BIT-WILDFLY-2022-0866
This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the...
EUVD-2022-15908
Malicious code in bioql PyPI...
Denial Of Service (DoS)
eap7 is vulnerable to denail of service. The vulnerability exists due to a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal...
CVE-2022-0866
This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the...
CVE-2022-0866
This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the...
Design/Logic Flaw
This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the...
PT-2022-13484 · Red Hat · Elytron +2
Name of the Vulnerable Software and Affected Versions: JBoss EAP versions 7.1.0 and later WildFly versions 11 and later when Elytron is enabled Description: This issue is related to a concurrency problem that can cause the wrong caller principal to be returned from the session context of an EJB...