Eclipse Mojarra 2.3.4

CPE Details

Eclipse Mojarra 2.3.4
eclipse
mojarra
2.3.4
2018-09-17
11h56 +00:00
2018-09-17
11h56 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:eclipse:mojarra:2.3.4:*:*:*:*:*:*:*

Informations

Vendor

eclipse

Product

mojarra

Version

2.3.4

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2020-6950 2021-06-02 13h49 +00:00 Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter.
6.5
Moyen
CVE-2019-17091 2019-10-02 11h58 +00:00 faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled.
6.1
Moyen
CVE-2018-14371 2018-07-18 10h00 +00:00 The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter. A remote attacker can download configuration files or Java bytecodes from applications.
7.5
Haute