Total vulnerabilities in the database
Oracle Mojarra uses an encrypted View State without a Message Authentication Code (MAC), which makes it easier for remote attackers to perform successful modifications of the View State via a padding oracle attack, a related issue to CVE-2010-2057.
| Software | From | Fixed in |
|---|---|---|
| oracle / mojarra | 1.2_05 | 1.2_05.x |
| oracle / mojarra | 1.1_02 | 1.1_02.x |
| oracle / mojarra | 1.1 | 1.1.x |
| oracle / mojarra | 1.2_13 | 1.2_13.x |
| oracle / mojarra | 1.2 | 1.2.x |
| oracle / mojarra | 1.2_06 | 1.2_06.x |
| oracle / mojarra | 1.2_10 | 1.2_10.x |
| oracle / mojarra | 1.2_08 | 1.2_08.x |
| oracle / mojarra | 2.0.0 | 2.0.0.x |
| oracle / mojarra | 1.2_04 | 1.2_04.x |
| oracle / mojarra | 2.0.2 | 2.0.2.x |
| oracle / mojarra | 1.2_09 | 1.2_09.x |
| oracle / mojarra | 1.2_12 | 1.2_12.x |
| oracle / mojarra | 2.0.1 | 2.0.1.x |
| oracle / mojarra | 1.2_11 | 1.2_11.x |
| oracle / mojarra | 1.2_01 | 1.2_01.x |
| oracle / mojarra | 1.2_07 | 1.2_07.x |
| oracle / mojarra | 1.2_03 | 1.2_03.x |
| oracle / mojarra | 2.0.3 | 2.0.3.x |
| oracle / mojarra | 1.2_14 | 1.2_14.x |
| oracle / mojarra | 1.2_02 | 1.2_02.x |
| oracle / mojarra | 1.2_15 | 1.2_15.x |