CVE-2011-4358
mojarra - EL injection
EPSS 0.16%
Description
Unspecified vulnerability in Oracle GlassFish Enterprise Server 3.0.1 and 3.1.1 allows remote attackers to affect confidentiality and integrity, related to JSF.
How to fix CVE-2011-4358
To remediate CVE-2011-4358, upgrade the affected package to a fixed version below.
- Debian/mojarra—upgrade to 2.0.3-2 or later
- Debian/mojarra—upgrade to 2.0.3-1+squeeze1 or later
Is CVE-2011-4358 being exploited?
Low — EPSS is 0.2%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 2.0.3-2
- from 0, < 2.0.3-1+squeeze1