VYPR
High severity8.8NVD Advisory· Published May 3, 2019· Updated Jun 17, 2026

CVE-2019-3894

CVE-2019-3894

Description

It was discovered that the ElytronManagedThread in Wildfly's Elytron subsystem in versions from 11 to 16 stores a SecurityIdentity to run the thread as. These threads do not necessarily terminate if the keep alive time has not expired. This could allow a shared thread to use the wrong security identity when executing.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Wildfly/Elytronllm-fuzzy
    Range: 11-16
  • Red Hat/wildflyv5
    Range: affects from 11 to 16

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.