2 matches found
BIT-WILDFLY-2022-0866
This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the...
Denial Of Service (DoS)
eap7 is vulnerable to denail of service. The vulnerability exists due to a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal...