{"url":"http://public2.vulnerablecode.io/api/packages/62627?format=json","purl":"pkg:maven/org.jboss.resteas/resteasy-jaxrs@3.0.7.Final","type":"maven","namespace":"org.jboss.resteas","name":"resteasy-jaxrs","version":"3.0.7.Final","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"3.0.25.Final","latest_non_vulnerable_version":"3.5.0.CR1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43558?format=json","vulnerability_id":"VCID-kbwr-xd1h-sbbs","summary":"Inconsistent Interpretation of HTTP Requests in Red Hat JBoss EAP\nRed Hat JBoss EAP version 3.0.7.Final until 3.0.25.Final, 3.5.0.CR1, and 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0002","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0003","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0004","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0005","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0478","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0479","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0480","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0481","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0481"},{"reference_url":"https://github.com/resteasy/Resteasy","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/resteasy/Resteasy"},{"reference_url":"https://issues.jboss.org/browse/RESTEASY-1704","reference_id":"","reference_type":"","scores":[],"url":"https://issues.jboss.org/browse/RESTEASY-1704"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7561","reference_id":"CVE-2017-7561","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7561"},{"reference_url":"https://github.com/advisories/GHSA-57q5-x8jf-g7h8","reference_id":"GHSA-57q5-x8jf-g7h8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-57q5-x8jf-g7h8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62630?format=json","purl":"pkg:maven/org.jboss.resteas/resteasy-jaxrs@3.0.25.Final","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteas/resteasy-jaxrs@3.0.25.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/62631?format=json","purl":"pkg:maven/org.jboss.resteas/resteasy-jaxrs@3.5.0.CR1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteas/resteasy-jaxrs@3.5.0.CR1"}],"aliases":["CVE-2017-7561","GHSA-57q5-x8jf-g7h8"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kbwr-xd1h-sbbs"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteas/resteasy-jaxrs@3.0.7.Final"}