CVE-2016-6348

Опубликовано: 12 апр. 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.3

CVSS3: 6.1

Описание

JacksonJsonpInterceptor in RESTEasy might allow remote attackers to conduct a cross-site script inclusion (XSSI) attack.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	DNE
cosmic	DNE
devel	not-affected	3.6.2-3
disco	ignored	end of life
eoan	ignored	end of life
esm-apps/focal	not-affected	3.6.2-2
esm-apps/jammy	not-affected	3.6.2-2
esm-apps/noble	not-affected	3.6.2-2
esm-apps/xenial	released	3.0.6-3ubuntu0.1~esm1

Показывать по

Релиз	Статус	Примечание
devel	not-affected	3.0.20
esm-apps/bionic	not-affected	3.0.20
esm-apps/focal	not-affected	3.0.20
esm-apps/jammy	not-affected	3.0.20
esm-apps/noble	not-affected	3.0.20
jammy	not-affected	3.0.20
noble	not-affected	3.0.20
plucky	not-affected	3.0.20
upstream	released	3.0.20

Показывать по

Ссылки на источники

EPSS

Процентиль: 33%

0.00132

Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2016-6348

CVSS3: 3.1

redhat

больше 9 лет назад

JacksonJsonpInterceptor in RESTEasy might allow remote attackers to conduct a cross-site script inclusion (XSSI) attack.

CVE-2016-6348

CVSS3: 6.1

nvd

почти 9 лет назад

JacksonJsonpInterceptor in RESTEasy might allow remote attackers to conduct a cross-site script inclusion (XSSI) attack.

CVE-2016-6348

CVSS3: 6.1

debian

почти 9 лет назад

JacksonJsonpInterceptor in RESTEasy might allow remote attackers to co ...

GHSA-9xfc-j5mf-9w5p

CVSS3: 6.1

github

больше 3 лет назад

JacksonJsonpInterceptor susceptible to cross-site script inclusion (XSSI) attack

EPSS

Процентиль: 33%

0.00132

Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3

CVE-2016-6348

Описание

Пакет resteasy

Пакет resteasy3.0

Ссылки на источники

Связанные уязвимости