CVE-2012-2672

Priority
Description
Oracle Mojarra 2.1.7 does not properly "clean up" the FacesContext
reference during startup, which allows local users to obtain context
information an access resources from another WAR file by calling the
FacesContext.getCurrentInstance function.
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needs-triage)
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 18.10 (Cosmic Cuttlefish):needs-triage
Ubuntu 19.04 (Disco Dingo):needs-triage
More Information

Updated: 2019-01-14 21:14:37 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)