Candidate: CVE-2014-3558
PublicDate: 2014-09-30 14:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3558
 https://rhn.redhat.com/errata/RHSA-2014-1285.html
Description:
 ReflectionHelper (org.hibernate.validator.util.ReflectionHelper) in
 Hibernate Validator 4.1.0 before 4.2.1, 4.3.x before 4.3.2, and 5.x before
 5.1.2 allows attackers to bypass Java Security Manager (JSM) restrictions
 and execute restricted reflection calls via a crafted application.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762690
Priority: medium
Discovered-by:
Assigned-to:
CVSS:

Patches_libhibernate-validator-java:
upstream_libhibernate-validator-java: released (4.2.1-2)
lucid_libhibernate-validator-java: ignored (reached end-of-life)
precise_libhibernate-validator-java: ignored (reached end-of-life)
precise/esm_libhibernate-validator-java: DNE (precise was needed)
trusty_libhibernate-validator-java: ignored (reached end-of-life)
trusty/esm_libhibernate-validator-java: DNE (trusty was needed)
utopic_libhibernate-validator-java: ignored (reached end-of-life)
vivid_libhibernate-validator-java: ignored (reached end-of-life)
vivid/stable-phone-overlay_libhibernate-validator-java: DNE
vivid/ubuntu-core_libhibernate-validator-java: DNE
wily_libhibernate-validator-java: ignored (reached end-of-life)
xenial_libhibernate-validator-java: not-affected (4.2.1-2)
yakkety_libhibernate-validator-java: ignored (reached end-of-life)
zesty_libhibernate-validator-java: ignored (reached end-of-life)
artful_libhibernate-validator-java: ignored (reached end-of-life)
bionic_libhibernate-validator-java: not-affected (4.2.1-2)
cosmic_libhibernate-validator-java: not-affected (4.2.1-2)
disco_libhibernate-validator-java: not-affected (4.2.1-2)
devel_libhibernate-validator-java: not-affected (4.2.1-2)