1 results (0.004 seconds)

CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0

It was found that all OWASP ESAPI for Java up to version 2.0 RC2 are vulnerable to padding oracle attacks. Se ha detectado que todos los OWASP ESAPI para Java hasta versión 2.0 RC2, son vulnerables a ataques de tipo padding oracle • https://seclists.org/oss-sec/2010/q3/357 https://www.usenix.org/legacy/events/woot10/tech/full_papers/Rizzo.pdf • CWE-649: Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking •