0.001 Low
EPSS
Percentile
50.9%
It was found that all OWASP ESAPI for Java up to version 2.0 RC2 are vulnerable to padding oracle attacks.
github.com/advisories/GHSA-3gp6-hhfw-4gqx
nvd.nist.gov/vuln/detail/CVE-2010-3300
seclists.org/oss-sec/2010/q3/357
www.usenix.org/legacy/events/woot10/tech/full_papers/Rizzo.pdf