Candidate: CVE-2020-6950
PublicDate: 2021-06-02 16:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6950
 https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741
Description:
 Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to
 read arbitrary files via the loc parameter or con parameter.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N [6.5 MEDIUM]


Patches_mojarra:
upstream_mojarra: not-affected (debian: Vulnerable code introduced later)
precise/esm_mojarra: DNE
trusty_mojarra: ignored (out of standard support)
trusty/esm_mojarra: DNE
xenial_mojarra: not-affected (code not present)
bionic_mojarra: not-affected (code not present)
eoan_mojarra: not-affected (code not present)
devel_mojarra: not-affected (code not present)