A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity. Versions before wildfly 20.0.0.Final are affected.

Affected Packages

Maven org.wildfly.bom:wildfly

Affected versions: 0 (fixed in 20.0.0.Final)

Related CVEs

CVE-2020-1719

Key Information

GHSA ID

GHSA-p9cf-qjxq-vxw6

Published

June 8, 2021 6:52 PM

Last Modified

June 17, 2021 8:04 PM

CVSS Score

5.0 /10

Primary Ecosystem

Maven

Primary Package

org.wildfly.bom:wildfly

GitHub Reviewed

✓ Yes

Dataset

Last updated: August 2, 2025 6:46 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.