It was found that all OWASP ESAPI for Java up to version 2.0 RC2 are vulnerable to padding oracle attacks.
CPE | Name | Operator | Version |
---|---|---|---|
enterprise_security_api_for_java | lt | 2.0 | |
enterprise_security_api_for_java | eq | 2.0 | |
enterprise_security_api_for_java | eq | 2.0 rc1 |