Description
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity. Versions before wildfly 20.0.0.Final are affected.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=1796617
Related Vulnerabilities
CVE-2020-10969 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2023-26488 Vulnerability in npm package @openzeppelin/contracts
CVE-2022-43183 Vulnerability in maven package com.xuxueli:xxl-job-core
CVE-2020-28249 Vulnerability in npm package joplin
CVE-2022-25863 Vulnerability in npm package gatsby-plugin-mdx