Apache Geronimo 3.0.x vulnerabilities

This page lists all security vulnerabilities fixed in maintenance releases or interim builds of Apache Geronimo 3.0. Each vulnerability is given a security impact rating by either the Apache Geronimo team or the dependent project supplying the fix. Please note that this rating is not uniform and will vary from project to project. We also list the versions of Apache Geronimo the flaw is known to affect; where a flaw has not been verified, the version is listed with a question mark.

Please send comments or corrections for these vulnerabilities to the Geronimo Security mailing list.


Fixed in Geronimo 3.0.0

CVE-2013-1777 - "A problem in the RMI classloader may enable an attacker to send a serialized object via JMX that could compromise the system." This has been fixed via GERONIMO-6253.

Please visit the 3.0.0 Release Notes page for details on all of the included JIRAs.

Geronimo Server:

CVE-2013-1777: RMI classloader exposure.

Affects: 3.0.0

