CVE-2014-3558
Description
ReflectionHelper (org.hibernate.validator.util.ReflectionHelper) in Hibernate Validator 4.1.0 before 4.2.1, 4.3.x before 4.3.2, and 5.x before 5.1.2 allows attackers to bypass Java Security Manager (JSM) restrictions and execute restricted reflection calls via a crafted application.
Risk Information
Base Score
8.8
MODERATE
Vector
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.932
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2014-3558 are fixed in Hibernate-hibernate-validator for Linux 4.2.1 | Linux |
| Vulnerabilities CVE-2014-3558 are fixed in Hibernate-hibernate-validator for Linux 4.3.2 | Linux |
| Vulnerabilities CVE-2014-3558 are fixed in Hibernate-hibernate-validator for Linux 5.1.2 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234