Lucene search
Veracode Vulnerability DatabaseVERACODE:4945HistoryAug 23, 2017 - 3:18 a.m.
Cache Poisoning
2017-08-2303:18:41
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
EPSS
0.007
Percentile
79.6%
resteasy-jaxrs is vulnerable to cache poisoning. The library does not add HTTP VARY: Origin headers to itβs responses, causing inaccurate caching when re-used across-origins.
References
www.securityfocus.com/bid/100465
access.redhat.com/errata/RHSA-2018:0002
access.redhat.com/errata/RHSA-2018:0003
access.redhat.com/errata/RHSA-2018:0004
access.redhat.com/errata/RHSA-2018:0005
access.redhat.com/errata/RHSA-2018:0478
access.redhat.com/errata/RHSA-2018:0479
access.redhat.com/errata/RHSA-2018:0480
access.redhat.com/errata/RHSA-2018:0481
bugzilla.redhat.com/show_bug.cgi?id=1483823
github.com/resteasy/Resteasy/pull/1300
issues.jboss.org/browse/RESTEASY-1704
Related
debiancve
debiancve
CVE-2017-7561
2017-09-13 17:29:00
prion
prion
Design/Logic Flaw
2017-09-13 17:29:00
cvelist
cvelist
CVE-2017-7561
2017-08-22 00:00:00
github
github
Inconsistent Interpretation of HTTP Requests in Red Hat JBoss EAP
2022-05-13 01:47:01
ubuntucve
ubuntucve
CVE-2017-7561
2017-09-13 00:00:00
cve
cve
CVE-2017-7561
2017-09-13 17:29:00
osv
osv
Inconsistent Interpretation of HTTP Requests in Red Hat JBoss EAP
2022-05-13 01:47:01
redhatcve
redhatcve
CVE-2017-7561
2019-10-26 00:44:28
nvd
nvd
CVE-2017-7561
2017-09-13 17:29:00
redhat
redhat
(RHSA-2018:0003) Important: Red Hat JBoss Enterprise Application Platform 7.0.9 security update
2018-01-03 10:19:39
(RHSA-2018:0004) Important: Red Hat JBoss Enterprise Application Platform 7.0.9 security update on RHEL 7
2018-01-03 10:20:14
(RHSA-2018:0005) Important: eap7-jboss-ec2-eap security update
2018-01-03 10:33:56
nessus
nessus
RHEL 6 : JBoss Enterprise Application Platform 7.1.1 on RHEL 6 (Important) (RHSA-2018:0479)
2018-03-14 00:00:00
RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.0.9 security update on RHEL 6 (Important) (RHSA-2018:0002)
2018-01-04 00:00:00
RHEL 6 / 7 : eap7-jboss-ec2-eap (RHSA-2018:0005)
2018-01-04 00:00:00