ReflectionHelper (org.hibernate.validator.util.ReflectionHelper) in Hibernate Validator 4.1.0 before 4.2.1, 4.3.x before 4.3.2, and 5.x before 5.1.2 allows attackers to bypass Java Security Manager (JSM) restrictions and execute restricted reflection calls via a crafted application.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2014-09-30T14:00:00

Updated: 2024-08-06T10:50:16.757Z

Reserved: 2014-05-14T00:00:00

Link: CVE-2014-3558

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2014-09-30T14:55:08.657

Modified: 2019-03-21T14:24:50.507

Link: CVE-2014-3558

cve-icon Redhat

Severity : Low

Publid Date: 2014-07-16T00:00:00Z

Links: CVE-2014-3558 - Bugzilla