Search
Find a vulnerability
Search criteria
6 vulnerabilities found for RESTEasy by Red Hat, Inc.
CVE-2016-9606 (GCVE-0-2016-9606)
Vulnerability from nvd – Published: 2018-03-09 20:00 – Updated: 2024-09-16 22:30
VLAI
Summary
JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions.
Severity
No CVSS data available.
CWE
Assigner
References
16 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat, Inc. | RESTEasy |
Affected:
3.1.2
|
Date Public
2016-12-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:03.093Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1411",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1411"
},
{
"name": "RHSA-2017:1409",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-1409.html"
},
{
"name": "94940",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94940"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1400644"
},
{
"name": "RHSA-2017:1675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1675"
},
{
"name": "1038524",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038524"
},
{
"name": "RHSA-2017:1254",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1254"
},
{
"name": "RHSA-2017:1410",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1410"
},
{
"name": "RHSA-2017:1255",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-1255.html"
},
{
"name": "RHSA-2017:1412",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1412"
},
{
"name": "RHSA-2018:2909",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2909"
},
{
"name": "RHSA-2017:1256",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1256"
},
{
"name": "RHSA-2017:1253",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1253"
},
{
"name": "RHSA-2017:1260",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1260"
},
{
"name": "RHSA-2017:1676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1676"
},
{
"name": "RHSA-2018:2913",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2913"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RESTEasy",
"vendor": "Red Hat, Inc.",
"versions": [
{
"status": "affected",
"version": "3.1.2"
}
]
}
],
"datePublic": "2016-12-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T09:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2017:1411",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1411"
},
{
"name": "RHSA-2017:1409",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-1409.html"
},
{
"name": "94940",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94940"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1400644"
},
{
"name": "RHSA-2017:1675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1675"
},
{
"name": "1038524",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038524"
},
{
"name": "RHSA-2017:1254",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1254"
},
{
"name": "RHSA-2017:1410",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1410"
},
{
"name": "RHSA-2017:1255",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-1255.html"
},
{
"name": "RHSA-2017:1412",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1412"
},
{
"name": "RHSA-2018:2909",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2909"
},
{
"name": "RHSA-2017:1256",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1256"
},
{
"name": "RHSA-2017:1253",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1253"
},
{
"name": "RHSA-2017:1260",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1260"
},
{
"name": "RHSA-2017:1676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1676"
},
{
"name": "RHSA-2018:2913",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2913"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC": "2016-12-15T00:00:00",
"ID": "CVE-2016-9606",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "RESTEasy",
"version": {
"version_data": [
{
"version_value": "3.1.2"
}
]
}
}
]
},
"vendor_name": "Red Hat, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1411",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1411"
},
{
"name": "RHSA-2017:1409",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-1409.html"
},
{
"name": "94940",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94940"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1400644",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1400644"
},
{
"name": "RHSA-2017:1675",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1675"
},
{
"name": "1038524",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038524"
},
{
"name": "RHSA-2017:1254",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1254"
},
{
"name": "RHSA-2017:1410",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1410"
},
{
"name": "RHSA-2017:1255",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-1255.html"
},
{
"name": "RHSA-2017:1412",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1412"
},
{
"name": "RHSA-2018:2909",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2909"
},
{
"name": "RHSA-2017:1256",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1256"
},
{
"name": "RHSA-2017:1253",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1253"
},
{
"name": "RHSA-2017:1260",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1260"
},
{
"name": "RHSA-2017:1676",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1676"
},
{
"name": "RHSA-2018:2913",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2913"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-9606",
"datePublished": "2018-03-09T20:00:00.000Z",
"dateReserved": "2016-11-23T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:30:39.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1051 (GCVE-0-2018-1051)
Vulnerability from nvd – Published: 2018-01-25 20:00 – Updated: 2024-08-05 03:44
VLAI
Summary
It was found that the fix for CVE-2016-9606 in versions 3.0.22 and 3.1.2 was incomplete and Yaml unmarshalling in Resteasy is still possible via `Yaml.load()` in YamlProvider.
Severity
No CVSS data available.
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1535411 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat, Inc. | resteasy |
Affected:
after 3.0.22
Affected: after 3.1.2 |
Date Public
2018-01-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535411"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "resteasy",
"vendor": "Red Hat, Inc.",
"versions": [
{
"status": "affected",
"version": "after 3.0.22"
},
{
"status": "affected",
"version": "after 3.1.2"
}
]
}
],
"datePublic": "2018-01-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "It was found that the fix for CVE-2016-9606 in versions 3.0.22 and 3.1.2 was incomplete and Yaml unmarshalling in Resteasy is still possible via `Yaml.load()` in YamlProvider."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-25T19:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535411"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2018-1051",
"datePublished": "2018-01-25T20:00:00.000Z",
"dateReserved": "2017-12-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:44:11.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7561 (GCVE-0-2017-7561)
Vulnerability from nvd – Published: 2017-09-13 17:00 – Updated: 2024-09-16 22:35
VLAI
Summary
Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.
Severity
No CVSS data available.
CWE
Assigner
References
10 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2018:0479 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:0481 | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/100465 | vdb-entryx_refsource_BID |
| https://access.redhat.com/errata/RHSA-2018:0002 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:0004 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:0003 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:0480 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:0005 | vendor-advisoryx_refsource_REDHAT |
| https://issues.jboss.org/browse/RESTEASY-1704 | x_refsource_MISC |
| https://access.redhat.com/errata/RHSA-2018:0478 | vendor-advisoryx_refsource_REDHAT |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat, Inc. | resteasy |
Affected:
3.0.7 through before 4.0.0Beta1
|
Date Public
2017-08-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:12.046Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:0479",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0479"
},
{
"name": "RHSA-2018:0481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0481"
},
{
"name": "100465",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100465"
},
{
"name": "RHSA-2018:0002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0002"
},
{
"name": "RHSA-2018:0004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0004"
},
{
"name": "RHSA-2018:0003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0003"
},
{
"name": "RHSA-2018:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0480"
},
{
"name": "RHSA-2018:0005",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0005"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://issues.jboss.org/browse/RESTEASY-1704"
},
{
"name": "RHSA-2018:0478",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0478"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "resteasy",
"vendor": "Red Hat, Inc.",
"versions": [
{
"status": "affected",
"version": "3.0.7 through before 4.0.0Beta1"
}
]
}
],
"datePublic": "2017-08-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-13T09:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2018:0479",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0479"
},
{
"name": "RHSA-2018:0481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0481"
},
{
"name": "100465",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100465"
},
{
"name": "RHSA-2018:0002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0002"
},
{
"name": "RHSA-2018:0004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0004"
},
{
"name": "RHSA-2018:0003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0003"
},
{
"name": "RHSA-2018:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0480"
},
{
"name": "RHSA-2018:0005",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0005"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://issues.jboss.org/browse/RESTEASY-1704"
},
{
"name": "RHSA-2018:0478",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0478"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC": "2017-08-22T00:00:00",
"ID": "CVE-2017-7561",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "resteasy",
"version": {
"version_data": [
{
"version_value": "3.0.7 through before 4.0.0Beta1"
}
]
}
}
]
},
"vendor_name": "Red Hat, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-346"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:0479",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0479"
},
{
"name": "RHSA-2018:0481",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0481"
},
{
"name": "100465",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100465"
},
{
"name": "RHSA-2018:0002",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0002"
},
{
"name": "RHSA-2018:0004",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0004"
},
{
"name": "RHSA-2018:0003",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0003"
},
{
"name": "RHSA-2018:0480",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0480"
},
{
"name": "RHSA-2018:0005",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0005"
},
{
"name": "https://issues.jboss.org/browse/RESTEASY-1704",
"refsource": "MISC",
"url": "https://issues.jboss.org/browse/RESTEASY-1704"
},
{
"name": "RHSA-2018:0478",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0478"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-7561",
"datePublished": "2017-09-13T17:00:00.000Z",
"dateReserved": "2017-04-05T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:35:06.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9606 (GCVE-0-2016-9606)
Vulnerability from cvelistv5 – Published: 2018-03-09 20:00 – Updated: 2024-09-16 22:30
VLAI
Summary
JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions.
Severity
No CVSS data available.
CWE
Assigner
References
16 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat, Inc. | RESTEasy |
Affected:
3.1.2
|
Date Public
2016-12-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:03.093Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1411",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1411"
},
{
"name": "RHSA-2017:1409",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-1409.html"
},
{
"name": "94940",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94940"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1400644"
},
{
"name": "RHSA-2017:1675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1675"
},
{
"name": "1038524",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038524"
},
{
"name": "RHSA-2017:1254",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1254"
},
{
"name": "RHSA-2017:1410",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1410"
},
{
"name": "RHSA-2017:1255",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-1255.html"
},
{
"name": "RHSA-2017:1412",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1412"
},
{
"name": "RHSA-2018:2909",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2909"
},
{
"name": "RHSA-2017:1256",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1256"
},
{
"name": "RHSA-2017:1253",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1253"
},
{
"name": "RHSA-2017:1260",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1260"
},
{
"name": "RHSA-2017:1676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1676"
},
{
"name": "RHSA-2018:2913",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2913"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RESTEasy",
"vendor": "Red Hat, Inc.",
"versions": [
{
"status": "affected",
"version": "3.1.2"
}
]
}
],
"datePublic": "2016-12-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T09:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2017:1411",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1411"
},
{
"name": "RHSA-2017:1409",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-1409.html"
},
{
"name": "94940",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94940"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1400644"
},
{
"name": "RHSA-2017:1675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1675"
},
{
"name": "1038524",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038524"
},
{
"name": "RHSA-2017:1254",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1254"
},
{
"name": "RHSA-2017:1410",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1410"
},
{
"name": "RHSA-2017:1255",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-1255.html"
},
{
"name": "RHSA-2017:1412",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1412"
},
{
"name": "RHSA-2018:2909",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2909"
},
{
"name": "RHSA-2017:1256",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1256"
},
{
"name": "RHSA-2017:1253",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1253"
},
{
"name": "RHSA-2017:1260",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1260"
},
{
"name": "RHSA-2017:1676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1676"
},
{
"name": "RHSA-2018:2913",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2913"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC": "2016-12-15T00:00:00",
"ID": "CVE-2016-9606",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "RESTEasy",
"version": {
"version_data": [
{
"version_value": "3.1.2"
}
]
}
}
]
},
"vendor_name": "Red Hat, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1411",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1411"
},
{
"name": "RHSA-2017:1409",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-1409.html"
},
{
"name": "94940",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94940"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1400644",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1400644"
},
{
"name": "RHSA-2017:1675",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1675"
},
{
"name": "1038524",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038524"
},
{
"name": "RHSA-2017:1254",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1254"
},
{
"name": "RHSA-2017:1410",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1410"
},
{
"name": "RHSA-2017:1255",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-1255.html"
},
{
"name": "RHSA-2017:1412",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1412"
},
{
"name": "RHSA-2018:2909",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2909"
},
{
"name": "RHSA-2017:1256",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1256"
},
{
"name": "RHSA-2017:1253",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1253"
},
{
"name": "RHSA-2017:1260",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1260"
},
{
"name": "RHSA-2017:1676",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1676"
},
{
"name": "RHSA-2018:2913",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2913"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-9606",
"datePublished": "2018-03-09T20:00:00.000Z",
"dateReserved": "2016-11-23T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:30:39.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1051 (GCVE-0-2018-1051)
Vulnerability from cvelistv5 – Published: 2018-01-25 20:00 – Updated: 2024-08-05 03:44
VLAI
Summary
It was found that the fix for CVE-2016-9606 in versions 3.0.22 and 3.1.2 was incomplete and Yaml unmarshalling in Resteasy is still possible via `Yaml.load()` in YamlProvider.
Severity
No CVSS data available.
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1535411 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat, Inc. | resteasy |
Affected:
after 3.0.22
Affected: after 3.1.2 |
Date Public
2018-01-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:44:11.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535411"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "resteasy",
"vendor": "Red Hat, Inc.",
"versions": [
{
"status": "affected",
"version": "after 3.0.22"
},
{
"status": "affected",
"version": "after 3.1.2"
}
]
}
],
"datePublic": "2018-01-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "It was found that the fix for CVE-2016-9606 in versions 3.0.22 and 3.1.2 was incomplete and Yaml unmarshalling in Resteasy is still possible via `Yaml.load()` in YamlProvider."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-25T19:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535411"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2018-1051",
"datePublished": "2018-01-25T20:00:00.000Z",
"dateReserved": "2017-12-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:44:11.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7561 (GCVE-0-2017-7561)
Vulnerability from cvelistv5 – Published: 2017-09-13 17:00 – Updated: 2024-09-16 22:35
VLAI
Summary
Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.
Severity
No CVSS data available.
CWE
Assigner
References
10 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2018:0479 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:0481 | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/100465 | vdb-entryx_refsource_BID |
| https://access.redhat.com/errata/RHSA-2018:0002 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:0004 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:0003 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:0480 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:0005 | vendor-advisoryx_refsource_REDHAT |
| https://issues.jboss.org/browse/RESTEASY-1704 | x_refsource_MISC |
| https://access.redhat.com/errata/RHSA-2018:0478 | vendor-advisoryx_refsource_REDHAT |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat, Inc. | resteasy |
Affected:
3.0.7 through before 4.0.0Beta1
|
Date Public
2017-08-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:12.046Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:0479",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0479"
},
{
"name": "RHSA-2018:0481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0481"
},
{
"name": "100465",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100465"
},
{
"name": "RHSA-2018:0002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0002"
},
{
"name": "RHSA-2018:0004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0004"
},
{
"name": "RHSA-2018:0003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0003"
},
{
"name": "RHSA-2018:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0480"
},
{
"name": "RHSA-2018:0005",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0005"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://issues.jboss.org/browse/RESTEASY-1704"
},
{
"name": "RHSA-2018:0478",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0478"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "resteasy",
"vendor": "Red Hat, Inc.",
"versions": [
{
"status": "affected",
"version": "3.0.7 through before 4.0.0Beta1"
}
]
}
],
"datePublic": "2017-08-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-13T09:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2018:0479",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0479"
},
{
"name": "RHSA-2018:0481",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0481"
},
{
"name": "100465",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100465"
},
{
"name": "RHSA-2018:0002",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0002"
},
{
"name": "RHSA-2018:0004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0004"
},
{
"name": "RHSA-2018:0003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0003"
},
{
"name": "RHSA-2018:0480",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0480"
},
{
"name": "RHSA-2018:0005",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0005"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://issues.jboss.org/browse/RESTEASY-1704"
},
{
"name": "RHSA-2018:0478",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0478"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC": "2017-08-22T00:00:00",
"ID": "CVE-2017-7561",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "resteasy",
"version": {
"version_data": [
{
"version_value": "3.0.7 through before 4.0.0Beta1"
}
]
}
}
]
},
"vendor_name": "Red Hat, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-346"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:0479",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0479"
},
{
"name": "RHSA-2018:0481",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0481"
},
{
"name": "100465",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100465"
},
{
"name": "RHSA-2018:0002",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0002"
},
{
"name": "RHSA-2018:0004",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0004"
},
{
"name": "RHSA-2018:0003",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0003"
},
{
"name": "RHSA-2018:0480",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0480"
},
{
"name": "RHSA-2018:0005",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0005"
},
{
"name": "https://issues.jboss.org/browse/RESTEASY-1704",
"refsource": "MISC",
"url": "https://issues.jboss.org/browse/RESTEASY-1704"
},
{
"name": "RHSA-2018:0478",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0478"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-7561",
"datePublished": "2017-09-13T17:00:00.000Z",
"dateReserved": "2017-04-05T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:35:06.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}