CVE-2016-9606

Published: 09/03/2018 Updated: 12/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2
VMScore: 607
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow a malicious user to execute arbitrary code with RESTEasy application permissions.

Vulnerable Product

redhat resteasy

Vendor Advisories

Debian Bug report logs - #851430 resteasy: CVE-2016-9606. Package: src:resteasy; Maintainer for src:resteasy is Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>; Reported by: Moritz Muehlenhoff <jmm@debian.org>; Date: Sat, 14 Jan 2017 21:42:02 UTC; Severity: important; Tags: security; Fixed in versi ...
Synopsis: Moderate: Red Hat JBoss Enterprise Application Platform 6.4.15 update on RHEL 6. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6. Red Hat Product Security has rated this update as having a security impact of M ...
Synopsis: Moderate: eap7-jboss-ec2-eap security update. Type/Severity: Security Advisory: Moderate. Topic: An update for eap7-jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6 and Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7. Red Hat Product Security h ...
Synopsis: Moderate: Red Hat JBoss Enterprise Application Platform security update. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulne ...
Synopsis: Moderate: Red Hat JBoss Enterprise Application Platform 6.4.15 update on RHEL 5. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5. Red Hat Product Security has rated this update as having a security impact of M ...
Synopsis: Moderate: Red Hat JBoss Enterprise Application Platform 6.4.15 update on RHEL 7. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of M ...
Synopsis: Moderate: JBoss Enterprise Application Platform 7.0.6 on Red Hat Enterprise Linux 7. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as havin ...
Synopsis: Moderate: Red Hat Process Automation Manager 7.1.0 bug fix and security update. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerabi ...
Synopsis: Moderate: jboss-ec2-eap security, bug fix, and enhancement update. Type/Severity: Security Advisory: Moderate. Topic: An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6. Red Hat Product Security has rated this update as having a security impact ...
Synopsis: Moderate: JBoss Enterprise Application Platform 7.0.6 on Red Hat Enterprise Linux 6. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as havin ...
Synopsis: Moderate: Red Hat JBoss Enterprise Application Platform security update. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulne ...
Synopsis: Moderate: Red Hat Decision Manager 7.1.0 bug fix and security update. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System ...