Search for packages
| purl | pkg:maven/org.picketlink/picketlink-federation@2.5.2.Final |
| Next non-vulnerable version | 2.5.3.SP14 |
| Latest non-vulnerable version | 2.7.1.Final |
| Risk |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-jds7-wgvc-k7hy
Aliases: CVE-2014-7827 |
Wrong security context loaded when using SAML2 STS Login Module The `org.jboss.security.plugins.mapping.JBossMappingManager` implementation in this package uses the default security domain when a security domain is undefined, which allows remote authenticated users to bypass intended access restrictions by leveraging credentials on the default domain for a role that is also on the application domain. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T20:32:14.848441+00:00 | GitLab Importer | Affected by | VCID-jds7-wgvc-k7hy | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.picketlink/picketlink-federation/CVE-2014-7827.yml | 38.4.0 |
| 2026-04-11T21:42:38.013844+00:00 | GitLab Importer | Affected by | VCID-jds7-wgvc-k7hy | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.picketlink/picketlink-federation/CVE-2014-7827.yml | 38.3.0 |
| 2026-04-02T21:56:46.452161+00:00 | GitLab Importer | Affected by | VCID-jds7-wgvc-k7hy | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.picketlink/picketlink-federation/CVE-2014-7827.yml | 38.1.0 |
| 2026-04-01T16:13:57.295497+00:00 | GitLab Importer | Affected by | VCID-jds7-wgvc-k7hy | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.picketlink/picketlink-federation/CVE-2014-7827.yml | 38.0.0 |