Skip to main content

Resin

6 CVEs product

Monthly

CVE-2014-2966 MEDIUM PATCH This Month

The ISO-8859-1 encoder in Resin Pro before 4.0.40 does not properly perform Unicode transformations, which allows remote attackers to bypass intended text restrictions via crafted characters, as. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

XSS Resin
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2012-2969 MEDIUM This Month

Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to bypass intended restrictions on filename extensions for created files via a %00 sequence in a pathname within an HTTP. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Resin
NVD
CVSS 2.0
6.4
EPSS
0.7%
CVE-2012-2968 MEDIUM This Month

Directory traversal vulnerability in Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to create files in arbitrary directories via a .. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Resin
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2012-2967 Maven HIGH PATCH This Week

Caucho Quercus, as distributed in Resin before 4.0.29, does not properly implement the == (equals sign equals sign) operator for comparisons, which has unspecified impact and context-dependent attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Resin
NVD
CVSS 2.0
7.5
EPSS
1.5%
CVE-2012-2966 Maven HIGH PATCH This Week

Caucho Quercus, as distributed in Resin before 4.0.29, overwrites entries in the SERVER superglobal array on the basis of POST parameters, which has unspecified impact and remote attack vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Resin
NVD
CVSS 2.0
7.5
EPSS
1.5%
CVE-2012-2965 Maven HIGH PATCH This Week

Caucho Quercus, as distributed in Resin before 4.0.29, does not properly handle unspecified characters in the names of variables, which has unknown impact and remote attack vectors, related to an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Resin
NVD
CVSS 2.0
7.5
EPSS
1.5%
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

The ISO-8859-1 encoder in Resin Pro before 4.0.40 does not properly perform Unicode transformations, which allows remote attackers to bypass intended text restrictions via crafted characters, as. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

XSS Resin
NVD
EPSS 1% CVSS 6.4
MEDIUM This Month

Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to bypass intended restrictions on filename extensions for created files via a %00 sequence in a pathname within an HTTP. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Resin
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

Directory traversal vulnerability in Caucho Quercus, as distributed in Resin before 4.0.29, allows remote attackers to create files in arbitrary directories via a .. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Resin
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Caucho Quercus, as distributed in Resin before 4.0.29, does not properly implement the == (equals sign equals sign) operator for comparisons, which has unspecified impact and context-dependent attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Resin
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Caucho Quercus, as distributed in Resin before 4.0.29, overwrites entries in the SERVER superglobal array on the basis of POST parameters, which has unspecified impact and remote attack vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Resin
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Caucho Quercus, as distributed in Resin before 4.0.29, does not properly handle unspecified characters in the names of variables, which has unknown impact and remote attack vectors, related to an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Resin
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy