CVE-2013-3827

EPSS 86.8%

Path Traversal in Eclipse Mojarra

Published: 5/17/2022Modified: 12/4/2024

Description

Multiple path traversal flaws where found in Mojarra JSF2 implementation for identifying resources by name or from libraries. An unauthenticated remote attacker can use these flaws to gather otherwise undisclosed information from within an application's root.

Affected packages (1)

Maven/org.glassfish:javax.faces>= 2.0.0, < 2.1.19

References (4)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2013-3827
WEBhttp://rhn.redhat.com/errata/RHSA-2014-0029.html
WEBhttps://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-3827
WEBhttp://www.kb.cert.org/vuls/id/526012