CVE-2011-4358

Опубликовано: 17 нояб. 2011

Источник: redhat

CVSS2: 6.4

Описание

Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 and 3.1.1 allows remote attackers to affect confidentiality and integrity, related to JSF.

Отчет

Not vulnerable. This issue affects the Mojarra 2 package, which is not shipped with any Red Hat products.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat JBoss BRMS 5	Security	Not affected
Red Hat OpenShift Application Runtimes	jsf	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important

https://bugzilla.redhat.com/show_bug.cgi?id=757980injection: includeViewParameters re-evaluates param/model values as EL expressions

6.4 Medium

CVSS2

Связанные уязвимости

CVE-2011-4358

ubuntu

больше 13 лет назад

Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 and 3.1.1 allows remote attackers to affect confidentiality and integrity, related to JSF.

CVE-2011-4358

nvd

больше 13 лет назад

Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 and 3.1.1 allows remote attackers to affect confidentiality and integrity, related to JSF.

CVE-2011-4358

debian

больше 13 лет назад

Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 ...

GHSA-6w72-4jvc-655g

github

больше 3 лет назад

Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 and 3.1.1 allows remote attackers to affect confidentiality and integrity, related to JSF.

6.4 Medium

CVSS2