CVE-2015-0227

Опубликовано: 12 фев. 2015

Источник: ubuntu

Приоритет: medium

CVSS2: 5

Описание

Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote attackers to bypass the requireSignedEncryptedDataElements configuration via a vectors related to "wrapping attacks."

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected	1.6.15-2
cosmic	not-affected	1.6.15-2
devel	not-affected	1.6.15-2
disco	not-affected	1.6.15-2
esm-apps/bionic	not-affected	1.6.15-2
esm-apps/xenial	not-affected	1.6.15-2
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was needed]
lucid	not-affected	1.5.7-0ubuntu1
precise	not-affected	1.5.8+svntag-1ubuntu1

Показывать по

Ссылки на источники

5 Medium

CVSS2

Связанные уязвимости

CVE-2015-0227

redhat

почти 11 лет назад

Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote attackers to bypass the requireSignedEncryptedDataElements configuration via a vectors related to "wrapping attacks."

CVE-2015-0227

nvd

почти 11 лет назад

Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote attackers to bypass the requireSignedEncryptedDataElements configuration via a vectors related to "wrapping attacks."

CVE-2015-0227

debian

почти 11 лет назад

Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote attacker ...

GHSA-6r5v-hp32-fjqw

github

больше 3 лет назад

Improper Access Control in Apache WSS4J

5 Medium

CVSS2

CVE-2015-0227

Описание

Пакет wss4j

Ссылки на источники

Связанные уязвимости