PT-2021-8338 · Owasp · Owasp Esapi For Java

Published

2021-06-22

Updated

2021-08-13

CVE-2010-3300

CVSS v3.1

5.9

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions OWASP ESAPI for Java versions up to 2.0 RC2

Description The issue concerns padding oracle attacks. It was found that all OWASP ESAPI for Java up to version 2.0 RC2 are vulnerable to these attacks.

Recommendations For OWASP ESAPI for Java versions up to 2.0 RC2, update to a version later than 2.0 RC2 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-649

Related Identifiers

CVE-2010-3300

GHSA-3GP6-HHFW-4GQX

Affected Products

Owasp Esapi For Java

PT-2021-8338 · Owasp · Owasp Esapi For Java

CVE-2010-3300

Weakness Enumeration

Related Identifiers

Affected Products

References · 5