GHSA-hgjr-xwj3-jfvw, CVE-2016-9606
maven/org.jboss.resteasy/resteasy-bom
Improper Input Validation
JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions.
All versions before 3.1.2.final
Upgrade to version 3.1.2.Final or above.
2022-11-23
source |