Maven package
org.glassfish/mojarra-parent
pkg:maven/org.glassfish/mojarra-parent
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-6950 | — | < 2.3.14 | 2.3.14 | Jun 2, 2021 | Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter. | ||
| CVE-2018-14371 | — | < 2.3.7 | 2.3.7 | Jul 18, 2018 | The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter. A remote attacker can download configuration files or Java bytecodes from applications. |
- CVE-2020-6950Jun 2, 2021affected < 2.3.14fixed 2.3.14
Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter.
- CVE-2018-14371Jul 18, 2018affected < 2.3.7fixed 2.3.7
The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter. A remote attacker can download configuration files or Java bytecodes from applications.