Skip to content
Permalink
master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
 
 
Cannot retrieve contributors at this time
cve: 2014-3558
title: "Hibernate Validator: JSM bypass via ReflectionHelper"
cvss_v2: 3.3
references:
- https://bugzilla.redhat.com/CVE-2014-3558
- https://hibernate.atlassian.net/browse/HV-912
affected:
- groupId: "org.hibernate"
artifactId: "hibernate-validator"
version:
- ">=4.1.0.Beta1,4"
- "<=4.3.1.Final,4"
- "<=5.1.1.Final,5"
fixedin:
- ">=4.3.2.Final,4"
- ">=5.2.0.Final,5"
package_urls:
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/5.0.1.Final/hibernate-validator-5.0.1.Final.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/5.0.0.CR5/hibernate-validator-5.0.0.CR5.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/5.0.0.Beta1/hibernate-validator-5.0.0.Beta1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/5.1.0.Alpha1/hibernate-validator-5.1.0.Alpha1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/5.0.0.Beta1/hibernate-validator-5.0.0.Beta1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/5.0.0.Alpha1/hibernate-validator-5.0.0.Alpha1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/5.1.0.CR1/hibernate-validator-5.1.0.CR1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.3.0.Beta1/hibernate-validator-4.3.0.Beta1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/5.0.0.CR3/hibernate-validator-5.0.0.CR3.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/5.1.0.Beta1/hibernate-validator-5.1.0.Beta1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/5.0.0.CR4/hibernate-validator-5.0.0.CR4.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/5.0.0.CR4/hibernate-validator-5.0.0.CR4.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/5.0.0.CR2/hibernate-validator-5.0.0.CR2.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/5.1.0.Final/hibernate-validator-5.1.0.Final.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/5.1.1.Final/hibernate-validator-5.1.1.Final.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.0.0.Beta1/hibernate-validator-4.0.0.Beta1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/5.0.3.Final/hibernate-validator-5.0.3.Final.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.0.0.GA/hibernate-validator-4.0.0.GA.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/5.0.0.CR5/hibernate-validator-5.0.0.CR5.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.0.0.Alpha3/hibernate-validator-4.0.0.Alpha3.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/5.0.0.CR1/hibernate-validator-5.0.0.CR1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.3.0.Alpha1/hibernate-validator-4.3.0.Alpha1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.3.0.Final/hibernate-validator-4.3.0.Final.jar
- https://maven.repository.redhat.com/ga/org/hibernate/hibernate-validator/4.2.0.Final-redhat-1/hibernate-validator-4.2.0.Final-redhat-1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.0.0.CR1/hibernate-validator-4.0.0.CR1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.0.0.Alpha2/hibernate-validator-4.0.0.Alpha2.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.1.0.Beta2/hibernate-validator-4.1.0.Beta2.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.2.0.CR1/hibernate-validator-4.2.0.CR1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.0.0.Alpha2/hibernate-validator-4.0.0.Alpha2.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.0.0.Beta1/hibernate-validator-4.0.0.Beta1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.0.2.GA/hibernate-validator-4.0.2.GA.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.2.0.Final/hibernate-validator-4.2.0.Final.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.2.0.Beta2/hibernate-validator-4.2.0.Beta2.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.2.0.Beta2/hibernate-validator-4.2.0.Beta2.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.3.2.Final/hibernate-validator-4.3.2.Final.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.3.1.Final/hibernate-validator-4.3.1.Final.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.1.0.Final/hibernate-validator-4.1.0.Final.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.1.0.Final/hibernate-validator-4.1.0.Final.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/5.0.3.Final/hibernate-validator-5.0.3.Final.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.0.0.Alpha3/hibernate-validator-4.0.0.Alpha3.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.3.0.CR1/hibernate-validator-4.3.0.CR1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.0.0.Beta2/hibernate-validator-4.0.0.Beta2.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.1.0.Beta1/hibernate-validator-4.1.0.Beta1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.3.0.Alpha1/hibernate-validator-4.3.0.Alpha1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.1.0.Beta2/hibernate-validator-4.1.0.Beta2.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.0.0.Beta3/hibernate-validator-4.0.0.Beta3.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.0.1.GA/hibernate-validator-4.0.1.GA.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.0.0.Alpha1/hibernate-validator-4.0.0.Alpha1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.3.1.Final/hibernate-validator-4.3.1.Final.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.0.0.GA/hibernate-validator-4.0.0.GA.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.1.0.Beta1/hibernate-validator-4.1.0.Beta1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/5.0.0.Final/hibernate-validator-5.0.0.Final.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.3.0.Final/hibernate-validator-4.3.0.Final.jar
- https://maven.repository.redhat.com/ga/org/hibernate/hibernate-validator/4.2.0.Final-redhat-2/hibernate-validator-4.2.0.Final-redhat-2.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.2.0.Beta1/hibernate-validator-4.2.0.Beta1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.0.2.GA/hibernate-validator-4.0.2.GA.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.0.1.GA/hibernate-validator-4.0.1.GA.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.3.0.Beta1/hibernate-validator-4.3.0.Beta1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.0.0.Beta2/hibernate-validator-4.0.0.Beta2.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/5.0.0.Alpha2/hibernate-validator-5.0.0.Alpha2.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/5.0.0.CR2/hibernate-validator-5.0.0.CR2.jar
- https://maven.repository.redhat.com/ga/org/hibernate/hibernate-validator/4.3.2.Final-redhat-2/hibernate-validator-4.3.2.Final-redhat-2.jar
- https://maven.repository.redhat.com/ga/org/hibernate/hibernate-validator/4.3.1.Final-redhat-1/hibernate-validator-4.3.1.Final-redhat-1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.3.0.Final/hibernate-validator-4.3.0.Final.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.3.0.Beta1/hibernate-validator-4.3.0.Beta1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.2.0.CR1/hibernate-validator-4.2.0.CR1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.3.0.CR1/hibernate-validator-4.3.0.CR1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.3.0.CR1/hibernate-validator-4.3.0.CR1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.2.0.Final/hibernate-validator-4.2.0.Final.jar
- https://maven.repository.redhat.com/ga/org/hibernate/hibernate-validator/4.3.3.Final-redhat-1/hibernate-validator-4.3.3.Final-redhat-1.jar
- https://maven.repository.redhat.com/ga/org/hibernate/hibernate-validator/4.3.1.Final-redhat-1/hibernate-validator-4.3.1.Final-redhat-1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.2.0.Final/hibernate-validator-4.2.0.Final.jar
- https://maven.repository.redhat.com/ga/org/hibernate/hibernate-validator/4.3.2.Final-redhat-1/hibernate-validator-4.3.2.Final-redhat-1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.2.0.Beta1/hibernate-validator-4.2.0.Beta1.jar
- https://maven.repository.redhat.com/ga/org/hibernate/hibernate-validator/4.2.0.Final-redhat-2/hibernate-validator-4.2.0.Final-redhat-2.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.2.0.CR1/hibernate-validator-4.2.0.CR1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.3.1.Final/hibernate-validator-4.3.1.Final.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.2.0.Beta2/hibernate-validator-4.2.0.Beta2.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.3.0.Alpha1/hibernate-validator-4.3.0.Alpha1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.3.2.Final/hibernate-validator-4.3.2.Final.jar
- https://maven.repository.redhat.com/ga/org/hibernate/hibernate-validator/4.3.2.Final-redhat-3/hibernate-validator-4.3.2.Final-redhat-3.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.3.0.Final/hibernate-validator-4.3.0.Final.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.3.1.Final/hibernate-validator-4.3.1.Final.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/5.1.0.Alpha1/hibernate-validator-5.1.0.Alpha1.jar
- https://maven.repository.redhat.com/ga/org/hibernate/hibernate-validator/4.2.0.Final-redhat-1/hibernate-validator-4.2.0.Final-redhat-1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.3.0.Alpha1/hibernate-validator-4.3.0.Alpha1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.2.0.Beta1/hibernate-validator-4.2.0.Beta1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/5.0.0.CR3/hibernate-validator-5.0.0.CR3.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.1.0.CR1/hibernate-validator-4.1.0.CR1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.2.0.Beta2/hibernate-validator-4.2.0.Beta2.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.0.0.Beta3/hibernate-validator-4.0.0.Beta3.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.2.0.CR1/hibernate-validator-4.2.0.CR1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.0.0.CR1/hibernate-validator-4.0.0.CR1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.3.0.Beta1/hibernate-validator-4.3.0.Beta1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.3.0.CR1/hibernate-validator-4.3.0.CR1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.2.0.Final/hibernate-validator-4.2.0.Final.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.1.0.CR1/hibernate-validator-4.1.0.CR1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/4.0.0.Alpha1/hibernate-validator-4.0.0.Alpha1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/5.0.1.Final/hibernate-validator-5.0.1.Final.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/5.1.0.CR1/hibernate-validator-5.1.0.CR1.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/5.0.2.Final/hibernate-validator-5.0.2.Final.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/5.1.1.Final/hibernate-validator-5.1.1.Final.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/5.0.0.Alpha1/hibernate-validator-5.0.0.Alpha1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/5.0.2.Final/hibernate-validator-5.0.2.Final.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/5.1.0.Final/hibernate-validator-5.1.0.Final.jar
- https://repository.jboss.org/nexus/content/repositories/releases/org/hibernate/hibernate-validator/5.0.0.Final/hibernate-validator-5.0.0.Final.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/4.2.0.Beta1/hibernate-validator-4.2.0.Beta1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/5.0.0.CR1/hibernate-validator-5.0.0.CR1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/5.1.0.Beta1/hibernate-validator-5.1.0.Beta1.jar
- http://central.maven.org/maven2/org/hibernate/hibernate-validator/5.0.0.Alpha2/hibernate-validator-5.0.0.Alpha2.jar