ghsa-4j38-wjhf-884r
Vulnerability from github
Published
2022-05-13 01:19
Modified
2022-11-08 13:07
Severity
Summary
Arbitrary code execution in Richfaces
Details
JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via a /DATA/ substring in a path with an org.richfaces.renderkit.html.Paint2DResource$ImageData object, aka RF-14310.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.richfaces:richfaces-core"
},
"ranges": [
{
"events": [
{
"introduced": "3.1.0"
},
{
"last_affected": "3.3.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2018-12533"
],
"database_specific": {
"cwe_ids": [
"CWE-917"
],
"github_reviewed": true,
"github_reviewed_at": "2022-11-08T13:07:51Z",
"nvd_published_at": "2018-06-18T12:29:00Z",
"severity": "CRITICAL"
},
"details": "JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via a /DATA/ substring in a path with an org.richfaces.renderkit.html.Paint2DResource$ImageData object, aka RF-14310.",
"id": "GHSA-4j38-wjhf-884r",
"modified": "2022-11-08T13:07:51Z",
"published": "2022-05-13T01:19:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12533"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2663"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2664"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2930"
},
{
"type": "WEB",
"url": "https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2020/Mar/21"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Arbitrary code execution in Richfaces"
}
Loading...