First published: Tue Aug 22 2017(Updated: )
Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Redhat Jboss Enterprise Application Platform | =3.0.7 | |
Redhat Jboss Enterprise Application Platform | =3.0.8 | |
Redhat Jboss Enterprise Application Platform | =3.1.0 | |
Redhat Jboss Enterprise Application Platform | =3.1.1 | |
Redhat Jboss Enterprise Application Platform | =3.1.2 | |
Redhat Jboss Enterprise Application Platform | =3.1.4 | |
Redhat Jboss Enterprise Application Platform | =3.1.5 | |
Redhat Jboss Enterprise Application Platform | =3.2.3 | |
Redhat Jboss Enterprise Application Platform | =3.2.4 | |
Redhat Jboss Enterprise Application Platform | =3.2.5 | |
Redhat Jboss Enterprise Application Platform | =3.2.9 | |
Redhat Jboss Enterprise Application Platform | =3.2.13 | |
Redhat Jboss Enterprise Application Platform | =3.3.0 | |
Redhat Jboss Enterprise Application Platform | =3.5.1 | |
redhat/resteasy | <4.0.0 | 4.0.0 |
maven/org.jboss.resteasy:resteasy-jaxrs | =3.1.4.Final | 3.5.0.CR1 |
maven/org.jboss.resteasy:resteasy-jaxrs | >=3.0.7.Final<=3.0.24.Final | 3.0.25.Final |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.