Search for packages
| purl | pkg:maven/org.picketlink/picketlink-federation@2.7.0.Beta1-20140731 |
| Next non-vulnerable version | 2.7.1.Final |
| Latest non-vulnerable version | 2.7.1.Final |
| Risk |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-jds7-wgvc-k7hy
Aliases: CVE-2014-7827 |
Wrong security context loaded when using SAML2 STS Login Module The `org.jboss.security.plugins.mapping.JBossMappingManager` implementation in this package uses the default security domain when a security domain is undefined, which allows remote authenticated users to bypass intended access restrictions by leveraging credentials on the default domain for a role that is also on the application domain. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T20:32:14.944694+00:00 | GitLab Importer | Affected by | VCID-jds7-wgvc-k7hy | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.picketlink/picketlink-federation/CVE-2014-7827.yml | 38.4.0 |
| 2026-04-11T21:42:38.122509+00:00 | GitLab Importer | Affected by | VCID-jds7-wgvc-k7hy | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.picketlink/picketlink-federation/CVE-2014-7827.yml | 38.3.0 |
| 2026-04-02T21:56:46.552282+00:00 | GitLab Importer | Affected by | VCID-jds7-wgvc-k7hy | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.picketlink/picketlink-federation/CVE-2014-7827.yml | 38.1.0 |
| 2026-04-01T16:13:57.430220+00:00 | GitLab Importer | Affected by | VCID-jds7-wgvc-k7hy | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.picketlink/picketlink-federation/CVE-2014-7827.yml | 38.0.0 |