On 02/25/2014 11:06 AM, Wilkins, Brian wrote:
> Where can I download the patch to fix the vulnerability in the REST and
> ADMIN interface as detailed in CVE 2013-1508 and CVE 2013-1515 for
> GlassFish 3.1.2.2?
Looking closely at the Oracle CPU:
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html
(search on the CVE number), it lists the affected versions as "3.0.1,
3.1.2". Does this vulnerability exist in 3.1.2.2 as well?
--
Glenn Holmer
Weyco Group, Inc.
phone: 414-908-1809
fax: 414-908-1601