← Back

CVE-2014-3558

nvd nist
Published: Sep 30, 2014Modified: May 6, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:P/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

ReflectionHelper (org.hibernate.validator.util.ReflectionHelper) in Hibernate Validator 4.1.0 before 4.2.1, 4.3.x before 4.3.2, and 5.x before 5.1.2 allows attackers to bypass Java Security Manager (JSM) restrictions and execute restricted reflection calls via a crafted application.

Affected (8)

Redhat
1 product
Hibernate Validator
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Redhat
Hibernate Validator
From 4.3.0 to 4.3.2
Hibernate Validator
From 5.0.0 to 5.0.3
Hibernate Validator
From 5.1.0 to 5.1.2
Hibernate Validator
Version 4.1.0
Hibernate Validator
Version 4.2.0
Hibernate Validator
Version 4.2.0 beta1
Hibernate Validator
Version 4.2.0 beta2
Hibernate Validator
Version 4.2.0 cr1

Related CWEs

CWE-264
CWE-264

References (16)

Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.