CVE-2021-28168

Incorrect Permission Assignment for Critical Resource in maven/org.glassfish.jersey.core/jersey-common

Identifiers

CVE-2021-28168, GHSA-c43q-5hpj-4crv

Package Slug

maven/org.glassfish.jersey.core/jersey-common

Vulnerability

Incorrect Permission Assignment for Critical Resource

Description

Eclipse Jersey to and Eclipse Jersey to contains a local information disclosure vulnerability.

Affected Versions

All versions starting from 2.28 before 2.34, all versions starting from 3.0.0 before 3.0.2

Solution

Upgrade to versions 2.34, 3.0.2 or above.

Last Modified

2021-04-30

source