Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2010-2057

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - shared/util/StateUtils.java in Apache MyFaces 1.1.x before 1.1.8, 1.2.x before 1.2.9, and 2.0.x before 2.0.1 uses an encrypted View State without a Message...

5CVSS7.2AI score0.03099EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/05/17 5:45 a.m.11 views

br.com.caelum.stella:myfaces-example (=1.1), br.net.woodstock.rockframework:rockframework-web (>=1.2.1 <=1.2.2) +44 more potentially affected by CVE-2010-2057 via org.apache.myfaces.core:myfaces-impl (>=1.2.0 <=1.2.8)

org.apache.myfaces.core:myfaces-impl MAVEN version =1.2.0, =1.2.1, =0.9.4, =0.9.4, =0.9.4, =2.2, =2.2, =2.1, =2.1, =2.0.1, =2.0.1, =2.2, =2.2, =2.2.1 - org.apache.myfaces.commons:myfaces-commons-examples12 =1.0.0 and more Source cves: CVE-2010-2057 Source advisory: OSV:GHSA-4FV4-CQ5V-X45M...

5CVSS5.8AI score0.03099EPSS
Exploits0
Prion
Prion
added 2010/10/20 6:0 p.m.35 views

Sql injection

Oracle Mojarra uses an encrypted View State without a Message Authentication Code MAC, which makes it easier for remote attackers to perform successful modifications of the View State via a padding oracle attack, a related issue to CVE-2010-2057...

5CVSS7.1AI score0.03099EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2010/10/20 5:0 p.m.85 views

CVE-2010-2057

CVE-2010-2057 affects Apache MyFaces: shared/util/StateUtils.java uses an encrypted View State without a Message Authentication Code (MAC) in MyFaces 1.1.x before 1.1.8, 1.2.x before 1.2.9, and 2.0.x before 2.0.1. The underlying issue is lack of MAC protection on the serialized View State, enabli...

5CVSS6.8AI score0.03099EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2010/10/20 5:0 p.m.28 views

CVE-2010-4007

Oracle Mojarra uses an encrypted View State without a Message Authentication Code MAC, which makes it easier for remote attackers to perform successful modifications of the View State via a padding oracle attack, a related issue to CVE-2010-2057...

5CVSS6.4AI score0.01014EPSS
Exploits0
Rows per page
Query Builder