CVE-2014-3558 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:N/I:P/A:N
redhat	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 75%

Vendor	Product	Version
redhat	hibernate_validator	4.3.0 ≤ 𝑥 < 4.3.2
redhat	hibernate_validator	5.0.0 ≤ 𝑥 ≤ 5.0.3
redhat	hibernate_validator	5.1.0 ≤ 𝑥 < 5.1.2
redhat	hibernate_validator	4.1.0
redhat	hibernate_validator	4.2.0
redhat	hibernate_validator	4.2.0:beta1
redhat	hibernate_validator	4.2.0:beta2
redhat	hibernate_validator	4.2.0:cr1

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

libhibernate-validator-java

bullseye	5.3.6-1 fixed
jessie	no-dsa
wheezy	no-dsa
squeeze	no-dsa
bookworm	5.3.6-2 fixed
sid	5.3.6-3 fixed
trixie	5.3.6-3 fixed

Ubuntu Releases

Ubuntu Product

Codename

libhibernate-validator-java

disco	not-affected
cosmic	not-affected
bionic	not-affected
artful	ignored
zesty	ignored
yakkety	ignored
xenial	not-affected
wily	ignored
vivid	ignored
utopic	ignored
trusty	dne
precise	ignored
lucid	ignored

Common Weakness Enumeration

CWE-264 -

References

http://rhn.redhat.com/errata/RHSA-2014-1285.html

http://rhn.redhat.com/errata/RHSA-2014-1286.html

http://rhn.redhat.com/errata/RHSA-2014-1287.html

http://rhn.redhat.com/errata/RHSA-2014-1288.html

http://rhn.redhat.com/errata/RHSA-2015-0125.html

http://rhn.redhat.com/errata/RHSA-2015-0720.html

https://github.com/victims/victims-cve-db/blob/master/database/java/2014/3558.yaml

https://hibernate.atlassian.net/browse/HV-912

http://rhn.redhat.com/errata/RHSA-2014-1285.html

http://rhn.redhat.com/errata/RHSA-2014-1286.html

http://rhn.redhat.com/errata/RHSA-2014-1287.html

http://rhn.redhat.com/errata/RHSA-2014-1288.html

http://rhn.redhat.com/errata/RHSA-2015-0125.html

http://rhn.redhat.com/errata/RHSA-2015-0720.html

https://github.com/victims/victims-cve-db/blob/master/database/java/2014/3558.yaml

https://hibernate.atlassian.net/browse/HV-912