logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2018-1051

Description

It was found that the fix for CVE-2016-9606 in versions 3.0.22 and 3.1.2 was incomplete and Yaml unmarshalling in Resteasy is still possible via `Yaml.load()` in YamlProvider.


Affected Package


OS OS Version Package Name Package Version
Debian 999 resteasy 3.6.2-2
Debian 12 resteasy3.0 3.0.26-3
Debian 11 resteasy3.0 3.0.26-2
Debian 10 resteasy3.0 3.0.26-1
Debian 999 resteasy3.0 3.0.26-3

Related