CVE-2012-2966 – com.caucho:resin

Package

Manager: maven
Name: com.caucho:resin
Vulnerable Version: >=0 <4.0.29

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00545 pctl0.66801

Details

Caucho Quercus, as distributed in Resin, overwrites entries in SERVER superglobal array on basis of POST parameters Caucho Quercus, as distributed in Resin before 4.0.29, overwrites entries in the SERVER superglobal array on the basis of POST parameters, which has unspecified impact and remote attack vectors.

Metadata

Created: 2022-05-17T05:23:56Z
Modified: 2025-04-12T02:55:51Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-g5fx-ccwv-5c4f/GHSA-g5fx-ccwv-5c4f.json
CWE IDs: []
Alternative ID: GHSA-g5fx-ccwv-5c4f
Finding: F184
Auto approve: 1