CVE-2016-6347

Опубликовано: 20 апр. 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.3

CVSS3: 6.1

Описание

Cross-site scripting (XSS) vulnerability in the default exception handler in RESTEasy allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	DNE
cosmic	DNE
devel	not-affected	3.6.2-3
disco	ignored	end of life
eoan	ignored	end of life
esm-apps/focal	not-affected	3.6.2-2
esm-apps/jammy	not-affected	3.6.2-2
esm-apps/noble	not-affected	3.6.2-2
esm-apps/xenial	released	3.0.6-3ubuntu0.1~esm1

Показывать по

Релиз	Статус	Примечание
devel	not-affected	3.0.20
esm-apps/bionic	not-affected	3.0.20
esm-apps/focal	not-affected	3.0.20
esm-apps/jammy	not-affected	3.0.20
esm-apps/noble	not-affected	3.0.20
jammy	not-affected	3.0.20
noble	not-affected	3.0.20
plucky	not-affected	3.0.20
upstream	released	3.0.20

Показывать по

Ссылки на источники

EPSS

Процентиль: 26%

0.00093

Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2016-6347

CVSS3: 5.4

redhat

больше 9 лет назад

Cross-site scripting (XSS) vulnerability in the default exception handler in RESTEasy allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2016-6347

CVSS3: 6.1

nvd

почти 9 лет назад

Cross-site scripting (XSS) vulnerability in the default exception handler in RESTEasy allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2016-6347

CVSS3: 6.1

debian

почти 9 лет назад

Cross-site scripting (XSS) vulnerability in the default exception hand ...

GHSA-r346-rmrg-qpgh

CVSS3: 6.1

github

больше 3 лет назад

Improper Neutralization of Input During Web Page Generation in RESTEasy

EPSS

Процентиль: 26%

0.00093

Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3

CVE-2016-6347

Описание

Пакет resteasy

Пакет resteasy3.0

Ссылки на источники

Связанные уязвимости