Lucene search
K

7 matches found

vulnersOsv
vulnersOsv
added 2022/05/13 1:33 a.m.4 views

ca.ibodrov.concord:testcontainers-concord (>=0.0.2 <=0.0.13), ca.vanzyl.concord:concord-k8s-server (>=0.0.1 <=0.0.10) +16 more potentially affected by CVE-2018-1051 via org.jboss.resteasy:resteasy-yaml-provider (>=3.1.0.Beta1 <=3.6.0.CR1)

org.jboss.resteasy:resteasy-yaml-provider MAVEN version =3.1.0.Beta1, =0.0.2, =0.0.1, =0.0.8, =1.18.0, =1.38.0, =1.44.0, =1.37.0, =1.44.0, =1.0.0, =1.18.0, =1.0.0, =1.0.0, =0.0.27, =0.0.11, =0.0.27, =0.0.31 and more Source cves: CVE-2018-1051 Source advisory: OSV:GHSA-M2FV-3RQM-G7P5...

8.1CVSS7.2AI score0.01299EPSS
Exploits0
NVD
NVD
added 2018/01/25 8:29 p.m.31 views

CVE-2018-1051

It was found that the fix for CVE-2016-9606 in versions 3.0.22 and 3.1.2 was incomplete and Yaml unmarshalling in Resteasy is still possible via Yaml.load in YamlProvider...

8.1CVSS8.1AI score0.01299EPSS
Exploits0References1
OSV
OSV
added 2018/01/25 8:29 p.m.29 views

CVE-2018-1051

It was found that the fix for CVE-2016-9606 in versions 3.0.22 and 3.1.2 was incomplete and Yaml unmarshalling in Resteasy is still possible via Yaml.load in YamlProvider...

8.1CVSS8.4AI score
Exploits0References1
Cvelist
Cvelist
added 2018/01/25 8:0 p.m.42 views

CVE-2018-1051

It was found that the fix for CVE-2016-9606 in versions 3.0.22 and 3.1.2 was incomplete and Yaml unmarshalling in Resteasy is still possible via Yaml.load in YamlProvider...

8AI score0.01299EPSS
Exploits0References1
CVE
CVE
added 2018/01/25 8:0 p.m.97 views

CVE-2018-1051

CVE-2018-1051 concerns JBoss RESTEasy. The prior fix for CVE-2016-9606 was incomplete, and in RESTEasy versions 3.0.22 and 3.1.2 YAML unmarshalling via Yaml.load() in YamlProvider remains possible. This is documented in the CVE description and corroborated by Nessus/ERR sources noting an unpatche...

8.1CVSS7.9AI score0.01299EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2018/01/25 8:0 p.m.40 views

CVE-2018-1051

It was found that the fix for CVE-2016-9606 in versions 3.0.22 and 3.1.2 was incomplete and Yaml unmarshalling in Resteasy is still possible via Yaml.load in YamlProvider...

8.1CVSS8.2AI score0.01299EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2018/01/25 4:50 p.m.36 views

CVE-2018-1051

It was found that the fix for CVE-2016-9606 in versions 3.0.22 and 3.1.2 was incomplete and Yaml unmarshalling in Resteasy is still possible via Yaml.load in YamlProvider. Mitigation If the YamlProvider is enabled its recommended to add authentication, and authorization to the endpoint expecting...

8.1CVSS7.8AI score0.06179EPSS
Exploits0References1
Rows per page
Query Builder