CVE-2016-9606

Improper Input Validation in maven/org.jboss.resteasy/resteasy-bom

Identifiers

GHSA-hgjr-xwj3-jfvw, CVE-2016-9606

Package Slug

maven/org.jboss.resteasy/resteasy-bom

Vulnerability

Improper Input Validation

Description

JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data, which could allow an attacker to execute arbitrary code with RESTEasy application permissions.

Affected Versions

All versions before 3.1.2.Final

Solution

Upgrade to version 3.1.2.Final or above.

Last Modified

2022-11-23
