CVE-2014-3558 Information

Description

ReflectionHelper (org.hibernate.validator.util.ReflectionHelper) in Hibernate Validator 4.1.0 before 4.2.1 4.3.x before 4.3.2 and 5.x before 5.1.2 allows attackers to bypass Java Security Manager (JSM) restrictions and execute restricted reflection calls via a crafted application.

Reference

http://rhn.redhat.com/errata/RHSA-2014-1285.html http://rhn.redhat.com/errata/RHSA-2014-1286.html http://rhn.redhat.com/errata/RHSA-2014-1287.html http://rhn.redhat.com/errata/RHSA-2014-1288.html http://rhn.redhat.com/errata/RHSA-2015-0125.html http://rhn.redhat.com/errata/RHSA-2015-0720.html https://github.com/victims/victims-cve-db/blob/master/database/java/2014/3558.yaml https://hibernate.atlassian.net/browse/HV-912