1 results (0.001 seconds)
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2010-3300
https://notcve.org/view.php?id=CVE-2010-3300
It was found that all OWASP ESAPI for Java up to version 2.0 RC2 are vulnerable to padding oracle attacks. Se ha detectado que todos los OWASP ESAPI para Java hasta versión 2.0 RC2, son vulnerables a ataques de tipo padding oracle • https://seclists.org/oss-sec/2010/q3/357 https://www.usenix.org/legacy/events/woot10/tech/full_papers/Rizzo.pdf • CWE-649: Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking •