What the vulnerability does

01Description

A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity. Versions before wildfly 20.0.0.Final are affected.

Key dates

02Disclosure timeline

June 7, 2021 CVE published
August 4, 2024 Record updated