Maven package
org.picketlink/picketlink-tomcat-common
pkg:maven/org.picketlink/picketlink-tomcat-common
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-3158 | — | < 2.7.1.Final | 2.7.1.Final | Aug 26, 2015 | The invokeNextValve function in identity/federation/bindings/tomcat/idp/AbstractIDPValve.java in PicketLink before 2.8.0.Beta1 does not properly check role based authorization, which allows remote authenticated users to gain access to restricted application resources via a (1) di |
- CVE-2015-3158Aug 26, 2015affected < 2.7.1.Finalfixed 2.7.1.Final
The invokeNextValve function in identity/federation/bindings/tomcat/idp/AbstractIDPValve.java in PicketLink before 2.8.0.Beta1 does not properly check role based authorization, which allows remote authenticated users to gain access to restricted application resources via a (1) di