Improper Input Validation Affecting org.jboss.resteasy:resteasy-jaxrs-all package, versions [,4.1.1.Final)
Do your applications use this vulnerable package?
16 Apr 2020
17 Jul 2019
How to fix?
org.jboss.resteasy:resteasy-jaxrs-all to version 4.1.1.Final or higher.
org.jboss.resteasy:resteasy-jaxrs-all is a JBoss.org project aimed at providing productivity frameworks for developing client and server RESTful applications and services in Java.
Affected versions of this package are vulnerable to Improper Input Validation in
MediaTypeHeaderDelegate.java class results in the class returning an illegal header that will be then integrated in the server's response.