Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.jboss.resteas/resteasy-jaxrs@3.0.25.Final

Type maven

Namespace org.jboss.resteas

Name resteasy-jaxrs

Version 3.0.25.Final

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 3.5.0.CR1

Latest_non_vulnerable_version 3.5.0.CR1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-kbwr-xd1h-sbbs

vulnerability_id VCID-kbwr-xd1h-sbbs

summary

Inconsistent Interpretation of HTTP Requests in Red Hat JBoss EAP
Red Hat JBoss EAP version 3.0.7.Final until 3.0.25.Final, 3.5.0.CR1, and 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.

references

reference_url	https://access.redhat.com/errata/RHSA-2018:0002
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0002

reference_url	https://access.redhat.com/errata/RHSA-2018:0003
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0003

reference_url	https://access.redhat.com/errata/RHSA-2018:0004
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0004

reference_url	https://access.redhat.com/errata/RHSA-2018:0005
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0005

reference_url	https://access.redhat.com/errata/RHSA-2018:0478
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0478

reference_url	https://access.redhat.com/errata/RHSA-2018:0479
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0479

reference_url	https://access.redhat.com/errata/RHSA-2018:0480
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0480

reference_url	https://access.redhat.com/errata/RHSA-2018:0481
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0481

reference_url	https://github.com/resteasy/Resteasy
reference_id
reference_type
scores
url	https://github.com/resteasy/Resteasy

reference_url	https://issues.jboss.org/browse/RESTEASY-1704
reference_id
reference_type
scores
url	https://issues.jboss.org/browse/RESTEASY-1704

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2017-7561
reference_id	CVE-2017-7561
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2017-7561

reference_url	https://github.com/advisories/GHSA-57q5-x8jf-g7h8
reference_id	GHSA-57q5-x8jf-g7h8
reference_type
scores
url	https://github.com/advisories/GHSA-57q5-x8jf-g7h8

fixed_packages

url	pkg:maven/org.jboss.resteas/resteasy-jaxrs@3.0.25.Final
purl	pkg:maven/org.jboss.resteas/resteasy-jaxrs@3.0.25.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteas/resteasy-jaxrs@3.0.25.Final

url	pkg:maven/org.jboss.resteas/resteasy-jaxrs@3.5.0.CR1
purl	pkg:maven/org.jboss.resteas/resteasy-jaxrs@3.5.0.CR1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteas/resteasy-jaxrs@3.5.0.CR1

aliases CVE-2017-7561, GHSA-57q5-x8jf-g7h8

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kbwr-xd1h-sbbs

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteas/resteasy-jaxrs@3.0.25.Final

Package Instance