2.0.1

DATE	CVE	VULNERABILITY TITLE	RISK
2010-10-20	CVE-2010-4007	Cryptographic Issues vulnerability in Oracle Mojarra Oracle Mojarra uses an encrypted View State without a Message Authentication Code (MAC), which makes it easier for remote attackers to perform successful modifications of the View State via a padding oracle attack, a related issue to CVE-2010-2057. network low complexity oracle CWE-310	5.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.