Back to bug 1372124
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Jason Shepherd | 2016-09-01 01:10:24 UTC | Blocks | 1371804 | |
| Jason Shepherd | 2016-09-01 01:11:02 UTC | Depends On | 1372125 | |
| Jason Shepherd | 2016-09-01 02:18:36 UTC | Blocks | 1372141 | |
| Jason Shepherd | 2016-09-01 06:23:50 UTC | Doc Text | It was found that the default exception handler in RESTEasy did not properly validate user input. An attacker could use this flaw to launch a relected XSS attack. | |
| Jason Shepherd | 2016-09-02 04:31:11 UTC | Whiteboard | impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=new,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=new,brms-6/Build and Assembly=new,jdg-6/Build=new,jdv-6/Productization=new,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=new,fuse-6/SwitchYard=new,jon-3/REST=new,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=new | impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=new,brms-6/Build and Assembly=new,jdg-6/Build=new,jdv-6/Productization=new,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=new,fuse-6/SwitchYard=new,jon-3/REST=new,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=new |
| Jason Shepherd | 2016-09-02 05:35:26 UTC | Blocks | 1372565 | |
| Jason Shepherd | 2016-09-02 05:38:37 UTC | Blocks | 1372568 | |
| Jason Shepherd | 2016-09-02 05:42:39 UTC | Blocks | 1372571 | |
| Jason Shepherd | 2016-09-02 07:20:26 UTC | Whiteboard | impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=new,brms-6/Build and Assembly=new,jdg-6/Build=new,jdv-6/Productization=new,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=new,fuse-6/SwitchYard=new,jon-3/REST=new,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=new | impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=new,brms-6/Build and Assembly=new,jdg-6/Build=new,jdv-6/Productization=new,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=new,fuse-6/SwitchYard=new,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=new |
| Horia Chiorean | 2016-09-02 07:21:02 UTC | CC | hchiorea | |
| Adam Mariš | 2016-09-02 08:37:43 UTC | CC | amaris | |
| Whiteboard | impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=new,brms-6/Build and Assembly=new,jdg-6/Build=new,jdv-6/Productization=new,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=new,fuse-6/SwitchYard=new,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=new | impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=new,brms-6/Build and Assembly=new,jdg-6/Build=new,jdv-6/Productization=new,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=new,fuse-6/SwitchYard=new,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=new | ||
| Hooman Broujerdi | 2016-09-07 23:39:30 UTC | CC | hghasemb | |
| Pavel Polischouk | 2016-09-22 01:36:29 UTC | Whiteboard | impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=new,brms-6/Build and Assembly=new,jdg-6/Build=new,jdv-6/Productization=new,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=new,fuse-6/SwitchYard=new,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=new | impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=notaffected,brms-6/Build and Assembly=notaffected,jdg-6/Build=new,jdv-6/Productization=notaffected,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=notaffected,fuse-6/SwitchYard=new,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=new |
| Hooman Broujerdi | 2016-09-22 02:38:33 UTC | Whiteboard | impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=notaffected,brms-6/Build and Assembly=notaffected,jdg-6/Build=new,jdv-6/Productization=notaffected,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=notaffected,fuse-6/SwitchYard=new,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=new | impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=notaffected,brms-6/Build and Assembly=notaffected,jdg-6/Build=new,jdv-6/Productization=notaffected,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=notaffected,fuse-6/SwitchYard=affected,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=new |
| Adam Mariš | 2016-11-08 16:29:06 UTC | CC | amaris | |
| Kurt Seifried | 2017-07-14 21:15:16 UTC | CC | lzap, mhulan, tbrisker | |
| Whiteboard | impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=notaffected,brms-6/Build and Assembly=notaffected,jdg-6/Build=new,jdv-6/Productization=notaffected,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=notaffected,fuse-6/SwitchYard=affected,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=new | impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=notaffected,brms-6/Build and Assembly=notaffected,jdg-6/Build=new,jdv-6/Productization=notaffected,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=notaffected,fuse-6/SwitchYard=affected,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=affected,sam-1/katello=new | ||
| Kurt Seifried | 2017-07-14 21:15:54 UTC | Depends On | 1471278, 1471277 | |
| Bryan Kearney | 2017-08-08 20:44:50 UTC | CC | bcourt, mstead | |
| Scott Herold | 2017-09-12 15:34:01 UTC | CC | sherold | |
| PnT Account Manager | 2017-12-07 23:58:13 UTC | CC | felias | |
| Oved Ourfali | 2018-01-04 09:49:40 UTC | CC | oourfali | |
| PnT Account Manager | 2018-02-06 19:24:27 UTC | CC | hfnukal | |
| PnT Account Manager | 2018-03-05 15:03:13 UTC | CC | bazulay | |
| Chess Hazlett | 2018-04-20 15:15:22 UTC | CC | drieden, pdrozd, sthorger | |
| Whiteboard | impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=notaffected,brms-6/Build and Assembly=notaffected,jdg-6/Build=new,jdv-6/Productization=notaffected,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=notaffected,fuse-6/SwitchYard=affected,jon-3/REST=wontfix,jpp-6/Requirements=new,rhsso-7/Core=new,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=affected,sam-1/katello=new | impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=notaffected,brms-6/Build and Assembly=notaffected,jdg-6/Build=affected,jdv-6/Productization=notaffected,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=notaffected,fuse-6/SwitchYard=affected,jon-3/REST=wontfix,jpp-6/Requirements=notaffected,rhsso-7/Core=notaffected,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=affected,sam-1/katello=new | ||
| Chess Hazlett | 2018-04-20 15:25:47 UTC | Whiteboard | impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=notaffected,brms-6/Build and Assembly=notaffected,jdg-6/Build=affected,jdv-6/Productization=notaffected,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=notaffected,fuse-6/SwitchYard=affected,jon-3/REST=wontfix,jpp-6/Requirements=notaffected,rhsso-7/Core=notaffected,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=affected,sam-1/katello=new | impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=notaffected,brms-6/Build and Assembly=notaffected,jdg-6/Build=notaffected,jdv-6/Productization=notaffected,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=notaffected,fuse-6/SwitchYard=affected,jon-3/REST=wontfix,jpp-6/Requirements=notaffected,rhsso-7/Core=notaffected,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=affected,sam-1/katello=new,jdg-7/resteasy=affected |
| PnT Account Manager | 2018-05-10 18:17:41 UTC | CC | pavelp | |
| Kurt Seifried | 2018-06-13 16:58:18 UTC | CC | mrike, rchan | |
| Whiteboard | impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=notaffected,brms-6/Build and Assembly=notaffected,jdg-6/Build=notaffected,jdv-6/Productization=notaffected,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=notaffected,fuse-6/SwitchYard=affected,jon-3/REST=wontfix,jpp-6/Requirements=notaffected,rhsso-7/Core=notaffected,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=affected,sam-1/katello=new,jdg-7/resteasy=affected | impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=notaffected,brms-6/Build and Assembly=notaffected,jdg-6/Build=notaffected,jdv-6/Productization=notaffected,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=notaffected,fuse-6/SwitchYard=affected,jon-3/REST=wontfix,jpp-6/Requirements=notaffected,rhsso-7/Core=notaffected,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=wontfix,sam-1/katello=new,jdg-7/resteasy=affected | ||
| Kurt Seifried | 2018-06-13 16:59:35 UTC | Depends On | 1590941 | |
| Marek Hulan | 2018-06-14 06:02:49 UTC | CC | mhulan | |
| PnT Account Manager | 2018-06-29 22:14:09 UTC | CC | kseifried | |
| PnT Account Manager | 2018-11-05 22:46:38 UTC | CC | ylavi | |
| PnT Account Manager | 2018-11-09 22:32:15 UTC | CC | hghasemb | |
| Gil Klein | 2019-04-14 12:45:23 UTC | CC | gklein | |
| PnT Account Manager | 2019-04-22 21:31:09 UTC | CC | tjay | |
| Marek Goldmann | 2019-06-08 08:53:25 UTC | CC | mgoldman | |
| PnT Account Manager | 2019-06-18 21:34:42 UTC | CC | mrike | |
| Lukáš Petrovický | 2019-09-24 14:07:58 UTC | CC | lpetrovi | |
| Product Security DevOps Team | 2019-09-29 13:55:15 UTC | Whiteboard | impact=moderate,public=20160901,reported=20160829,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,cvss3=5.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-20,eap-7/REST=affected,fedora-all/resteasy=affected,eap-6/RESTEasy=notaffected,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=notaffected,brms-6/Build and Assembly=notaffected,jdg-6/Build=notaffected,jdv-6/Productization=notaffected,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=notaffected,fuse-6/SwitchYard=affected,jon-3/REST=wontfix,jpp-6/Requirements=notaffected,rhsso-7/Core=notaffected,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=wontfix,sam-1/katello=new,jdg-7/resteasy=affected | |
| Dinesh Prasanth | 2019-10-21 19:40:55 UTC | Status | NEW | CLOSED |
| CC | dmoluguw | |||
| Resolution | --- | CURRENTRELEASE | ||
| Last Closed | 2019-10-21 19:40:55 UTC | |||
| Cedric Buissart | 2021-01-08 16:50:47 UTC | Depends On | 1914372 | |
| Cedric Buissart | 2021-01-08 16:53:33 UTC | Fixed In Version | resteasy 3.1.0.CR1, resteasy 3.0.20.Final | |
| Cedric Buissart | 2021-03-24 13:09:01 UTC | Status | CLOSED | NEW |
| Resolution | CURRENTRELEASE | --- | ||
| Keywords | Reopened | |||
| Red Hat Bugzilla | 2021-09-01 04:30:10 UTC | CC | spinder | |
| Red Hat Bugzilla | 2021-10-15 11:52:09 UTC | CC | kconner | |
| Joshua Padman | 2021-10-21 00:54:45 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2019-10-21 19:40:55 UTC | 2021-10-21 00:54:45 UTC | ||
| Tomer Brisker | 2021-12-14 18:47:58 UTC | CC | tbrisker |
Back to bug 1372124