CVE-2010-3300

It was found that all OWASP ESAPI for Java up to version 2.0 RC2 are vulnerable to padding oracle attacks.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:owasp:enterprise_security_api_for_java:*:*:*:*:*:*:*:*
cpe:2.3:a:owasp:enterprise_security_api_for_java:2.0:-:*:*:*:*:*:*
cpe:2.3:a:owasp:enterprise_security_api_for_java:2.0:rc1:*:*:*:*:*:*

History

No history.

Information

Published : 2021-06-22 12:15

Updated : 2024-02-28 18:28


NVD link : CVE-2010-3300

Mitre link : CVE-2010-3300

CVE.ORG link : CVE-2010-3300


JSON object : View

Products Affected

owasp

  • enterprise_security_api_for_java
CWE
CWE-649

Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking