VulnerableCode Package Details - pkg:maven/org.picketlink/picketlink-federation@2-alpha0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.picketlink/picketlink-federation@2-alpha0

Essentials
History (1)

purl	pkg:maven/org.picketlink/picketlink-federation@2-alpha0
Tags	Ghost

Next non-vulnerable version	2.5.3.SP14
Latest non-vulnerable version	2.7.1.Final
Risk

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-jds7-wgvc-k7hy Aliases: CVE-2014-7827	Wrong security context loaded when using SAML2 STS Login Module The `org.jboss.security.plugins.mapping.JBossMappingManager` implementation in this package uses the default security domain when a security domain is undefined, which allows remote authenticated users to bypass intended access restrictions by leveraging credentials on the default domain for a role that is also on the application domain.	2.5.3.SP14 Affected by 0 other vulnerabilities. 2.7.1.Final Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-jds7-wgvc-k7hy
Aliases:
CVE-2014-7827

Wrong security context loaded when using SAML2 STS Login Module The `org.jboss.security.plugins.mapping.JBossMappingManager` implementation in this package uses the default security domain when a security domain is undefined, which allows remote authenticated users to bypass intended access restrictions by leveraging credentials on the default domain for a role that is also on the application domain.

2.5.3.SP14
Affected by 0 other vulnerabilities.

2.7.1.Final
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T12:46:56.088024+00:00	GitLab Importer	Affected by	VCID-jds7-wgvc-k7hy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.picketlink/picketlink-federation/CVE-2014-7827.yml	38.0.0