logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2016-9606

Description

JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions.


Affected Package


OS OS Version Package Name Package Version
Debian 999 resteasy 3.6.2-2
Debian 12 resteasy3.0 3.0.26-3
Debian 11 resteasy3.0 3.0.26-2
Debian 10 resteasy3.0 3.0.26-1
Debian 999 resteasy3.0 3.0.26-3

Related