WIP: Fix tests on `security-9-2-ee`

What does this MR do?

Attempts to sync an EE specific security change that needs some CE magic to work.

9.2.2 - 9.2.5 EE security fix

Are there points in the code the reviewer needs to double check?

Why was this MR needed?

Sync security to public master

What are the relevant issue numbers?


Merge request reports