A flaw was found in Wildfly before wildfly-embedded-13.0.0.Final, where the embedded managed process API has an exposed setting of the Thread Context Classloader (TCCL). This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2024-08-04T11:14:14.762Z

Reserved: 2020-03-20T00:00:00

Link: CVE-2020-10718

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-09-16T19:15:13.210

Modified: 2024-11-21T04:55:55.247

Link: CVE-2020-10718

cve-icon Redhat

Severity : Moderate

Publid Date: 2020-08-06T00:00:00Z

Links: CVE-2020-10718 - Bugzilla

cve-icon OpenCVE Enrichment

No data.