Lucene search

Veracode Vulnerability DatabaseVERACODE:25666

HistoryJun 12, 2020 - 3:38 a.m.

Path Traversal

2020-06-1203:38:57

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.039 Low

EPSS

Percentile

92.1%

JSON

jsf-impl: Mojarra is vulnerable to Path traversal. It is possible via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371.

CPENameOperatorVersion
eap7-jasypteq1.9.2__3.redhat_1.1.el7eap
eap7-jasypteq1.9.1__1.redhat_1.1.ep7.el6
eap7-jasypteq1.9.2__3.redhat_1.1.el8eap
eap7-jasypteq1.9.2__3.redhat_1.1.el6eap
eap7-jasypteq1.9.1__1.redhat_1.1.ep7.el7
eap7-jasypteq1.9.2__2.redhat_1.1.ep7.el7
eap7-jasypteq1.9.2__2.redhat_1.1.ep7.el6
eap7-woodstox-coreeq5.0.3__5.redhat_1.1.el7eap
eap7-woodstox-coreeq4.4.1__2.redhat_1.1.ep7.el7
eap7-woodstox-coreeq4.4.1__2.redhat_1.1.ep7.el6

Name	Operator	Version
eap7-jasypt	eq	1.9.2__3.redhat_1.1.el7eap
eap7-jasypt	eq	1.9.1__1.redhat_1.1.ep7.el6
eap7-jasypt	eq	1.9.2__3.redhat_1.1.el8eap
eap7-jasypt	eq	1.9.2__3.redhat_1.1.el6eap
eap7-jasypt	eq	1.9.1__1.redhat_1.1.ep7.el7
eap7-jasypt	eq	1.9.2__2.redhat_1.1.ep7.el7
eap7-jasypt	eq	1.9.2__2.redhat_1.1.ep7.el6
eap7-woodstox-core	eq	5.0.3__5.redhat_1.1.el7eap
eap7-woodstox-core	eq	4.4.1__2.redhat_1.1.ep7.el7
eap7-woodstox-core	eq	4.4.1__2.redhat_1.1.ep7.el6

Rows per page:

1-10 of 21561

References

access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/

access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/

access.redhat.com/errata/RHSA-2020:2511

access.redhat.com/security/updates/classification/#important

bugs.eclipse.org/bugs/show_bug.cgi?id=550943

github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741

github.com/eclipse-ee4j/mojarra/issues/4571

issues.redhat.com/browse/JBEAP-16114

issues.redhat.com/browse/JBEAP-18060

issues.redhat.com/browse/JBEAP-18163

issues.redhat.com/browse/JBEAP-18221

issues.redhat.com/browse/JBEAP-18240

issues.redhat.com/browse/JBEAP-18241

issues.redhat.com/browse/JBEAP-18273

issues.redhat.com/browse/JBEAP-18277

issues.redhat.com/browse/JBEAP-18288

issues.redhat.com/browse/JBEAP-18294

issues.redhat.com/browse/JBEAP-18302

issues.redhat.com/browse/JBEAP-18315

issues.redhat.com/browse/JBEAP-18346

issues.redhat.com/browse/JBEAP-18352

issues.redhat.com/browse/JBEAP-18361

issues.redhat.com/browse/JBEAP-18367

issues.redhat.com/browse/JBEAP-18393

issues.redhat.com/browse/JBEAP-18397

issues.redhat.com/browse/JBEAP-18409

issues.redhat.com/browse/JBEAP-18527

issues.redhat.com/browse/JBEAP-18528

issues.redhat.com/browse/JBEAP-18596

issues.redhat.com/browse/JBEAP-18598

issues.redhat.com/browse/JBEAP-18640

issues.redhat.com/browse/JBEAP-18653

issues.redhat.com/browse/JBEAP-18706

issues.redhat.com/browse/JBEAP-18770

issues.redhat.com/browse/JBEAP-18775

issues.redhat.com/browse/JBEAP-18788

issues.redhat.com/browse/JBEAP-18790

issues.redhat.com/browse/JBEAP-18818

issues.redhat.com/browse/JBEAP-18836

issues.redhat.com/browse/JBEAP-18850

issues.redhat.com/browse/JBEAP-18870

issues.redhat.com/browse/JBEAP-18875

issues.redhat.com/browse/JBEAP-18876

issues.redhat.com/browse/JBEAP-18877

issues.redhat.com/browse/JBEAP-18878

issues.redhat.com/browse/JBEAP-18879

issues.redhat.com/browse/JBEAP-18929

issues.redhat.com/browse/JBEAP-18990

issues.redhat.com/browse/JBEAP-18991

issues.redhat.com/browse/JBEAP-19035

issues.redhat.com/browse/JBEAP-19054

issues.redhat.com/browse/JBEAP-19066

issues.redhat.com/browse/JBEAP-19117

issues.redhat.com/browse/JBEAP-19133

issues.redhat.com/browse/JBEAP-19156

issues.redhat.com/browse/JBEAP-19181

issues.redhat.com/browse/JBEAP-19192

issues.redhat.com/browse/JBEAP-19232

issues.redhat.com/browse/JBEAP-19281

issues.redhat.com/browse/JBEAP-19456

www.oracle.com/security-alerts/cpuapr2022.html

www.oracle.com/security-alerts/cpujan2022.html

www.oracle.com/security-alerts/cpuoct2021.html

0.039 Low

EPSS

Percentile

92.1%

JSON

Related for VERACODE:25666