CVE-2013-3827: Relative Path Traversal

May 17, 2022 (updated November 3, 2022)

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0, and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.1 allows remote attackers to affect confidentiality via unknown vectors related to Java Server Faces or Web Container.

References

rhn.redhat.com/errata/RHSA-2014-0029.html
www.kb.cert.org/vuls/id/526012
bugs.gentoo.org/show_bug.cgi?id=CVE-2013-3827
github.com/advisories/GHSA-q388-j7cw-ff7w
nvd.nist.gov/vuln/detail/CVE-2013-3827

Code Behaviors & Features

Detect and mitigate CVE-2013-3827 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →