CVE-2016-6346

描述

RESTEasy enables GZIPInterceptor, which allows remote attackers to cause a denial of service via unspecified vectors.

受影響套件(2)

• Debian/resteasy3.0from 0, < 3.0.26-1
• Maven/org.jboss.resteasy:resteasy-jaxrsfrom 0, < 3.0.20.Final

CVSS 分數

參考連結(7)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2016-6346
• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2016-6346
• PATCHhttps://github.com/resteasy/Resteasy
• WEBhttps://bugzilla.redhat.com/show_bug.cgi?id=1372120
• WEBhttps://github.com/resteasy/resteasy/pull/1303
• WEBhttps://issues.jboss.org/browse/JBEAP-11180
• WEBhttp://www.securityfocus.com/bid/92744