8 matches found
biz.paluch.visualizr:visualizr (=1.0), com.adobe.api.platform:launchpad (>=1.1.11 <=1.2.1) +598 more potentially affected by CVE-2014-7839 via org.jboss.resteasy:resteasy-jaxrs (>=1.1.GA <=3.0.10.Final)
org.jboss.resteasy:resteasy-jaxrs MAVEN version =1.1.GA, =1.1.11, =1.1.11, =1.1.16, =1.0, =0.2.0, =0.2.0, =2.6.2, =1.0, =1.0, =1.0.5, =1.1.0, =1.1.1 - com.iorga:iraj-waw-analyzer =1.0.0 and more Source cves: CVE-2014-7839 Source advisory: OSV:GHSA-PC54-PCHM-XCW6...
at.porscheinformatik.zanata:common (>=4.7.0 <=4.7.8), at.porscheinformatik.zanata:stub-server (>=4.7.0 <=4.7.8) +1328 more potentially affected by CVE-2016-6346 via org.jboss.resteasy:resteasy-jaxrs (>=1.1.GA <=3.0.1.Final)
org.jboss.resteasy:resteasy-jaxrs MAVEN version =1.1.GA, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =1.0.0, =1.2.0 - biz.paluch.visualizr:visualizr =1.0 - br.com.esec.icpm:certillion-client-library-resteasy-plugin =1.1.10 and more Source cves:...
ca.ibodrov.concord:testcontainers-concord (>=0.0.2 <=0.0.20), ca.ibodrov.concord:testcontainers-concord-core (>=0.0.21 <=2.0.2) +231 more potentially affected by CVE-2017-7561 via org.jboss.resteasy:resteasy-jaxrs (=3.1.4.Final)
org.jboss.resteasy:resteasy-jaxrs MAVEN version =3.1.4.Final is affected by a known vulnerability. The following packages have a transitive dependency on org.jboss.resteasy:resteasy-jaxrs and may be impacted: - ca.ibodrov.concord:testcontainers-concord =0.0.2, =0.0.21, =0.0.2, =0.0.1, =1.0.6.Fina...
Moderate: Red Hat Security Advisory: Red Hat Fuse 7.9.0 release and security update
A minor version update from 7.8 to 7.9 is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring...
at.porscheinformatik.zanata:common (>=4.7.0 <=4.7.8), at.porscheinformatik.zanata:stub-server (>=4.7.0 <=4.7.8) +1348 more potentially affected by CVE-2020-10688 via org.jboss.resteasy:resteasy-jaxrs (>=3.0-beta-1 <=3.11.0.Final)
org.jboss.resteasy:resteasy-jaxrs MAVEN version =3.0-beta-1, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =1.0.0, =1.1.9, =1.1.10 and more Source cves: CVE-2020-10688 Source advisory: SNYK:JAVA-ORGJBOSSRESTEASY-8706731...
Improper Input Validation
resteasy-jaxrs is vulnerable to improper input validation. The vulnerability exists because it does not properly handle the response headers in MediaTypeHeaderDelegate.java, leading to a return of an illegal header to be integrated in the server's response...
Cross-site Scripting (XSS)
resteasy-jaxrs is vulnerable to cross-site scripting (XSS). The vulnerability exists due to the lack of sanitization of the value of strVal, allowing RESTEASY003870 exceptions to be used to execute arbitrary JavaScript in a user's browser...
Cache Poisoning
resteasy-jaxrs is vulnerable to cache poisoning. The library does not add HTTP Vary: Origin headers to its responses, causing inaccurate caching when re-used across origins...