Since the javadocs don't talk about it, you should assume that it's not. In most cases that's not a problem, though, since a session is associated to a user, and users don't generally make several simultaneous requests to a web app. But it's something to keep in mind.
As web pages get more and more complex, users client program can easily have multiple requests being processed "at the same time" and thus have multiple request Threads reading and/or modifying session data "simultaneously."
It is up to you the programmer to recognize possible conflicts.