Solutionunvalidated
Restrict or audit grants of DBA/other powerful roles to accounts that can invoke invoker-rights code, and limit who can execute invoker-rights functions (avoid granting execute to PUBLIC). Prefer safer security patterns (e.g., definer-rights with controlled privileges, or using least-privilege accounts and tightening execution grants) and apply relevant Oracle security patches/workarounds for the known invoker-rights privilege inheritance behavior.
7b47c1ee-9331-4fd2-bb92-7028c721ef4b
Restrict or audit grants of DBA/other powerful roles to accounts that can invoke invoker-rights code, and limit who can execute invoker-rights functions (avoid granting execute to PUBLIC). Prefer safer security patterns (e.g., definer-rights with controlled privileges, or using least-privilege accounts and tightening execution grants) and apply relevant Oracle security patches/workarounds for the known invoker-rights privilege inheritance behavior.