Back to bug 1372129
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Jason Shepherd | 2016-09-01 01:26:36 UTC | Blocks | 1371804 | |
| Jason Shepherd | 2016-09-01 01:27:36 UTC | Depends On | 1372130 | |
| Jason Shepherd | 2016-09-01 02:18:36 UTC | Blocks | 1372141 | |
| Jason Shepherd | 2016-09-01 07:24:24 UTC | Doc Text | It was found that in some configurations the JacksonJsonpInterceptor is activated by default in RESTEasy. An attacker could use this flaw to launch a Cross Site Scripting Inclusion attack. | |
| Jason Shepherd | 2016-09-02 05:35:26 UTC | Blocks | 1372565 | |
| Jason Shepherd | 2016-09-02 05:38:37 UTC | Blocks | 1372568 | |
| Jason Shepherd | 2016-09-02 05:42:39 UTC | Blocks | 1372571 | |
| Kurt Seifried | 2017-07-14 21:15:27 UTC | CC | lzap, mhulan, tbrisker | |
| Whiteboard | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.6/AV:N/AC:H/Au:N/C:P/I:N/A:N,cvss3=3.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=wontfix,brms-6/Build and Assembly=wontfix,jdg-6/Build=wontfix,jdv-6/Productization=wontfix,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=wontfix,fuse-6/SwitchYard=new,jon-3/REST=wontfix,jpp-6/Requirements=wontfix,rhsso-7/Core=wontfix,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=new,sam-1/katello=new | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.6/AV:N/AC:H/Au:N/C:P/I:N/A:N,cvss3=3.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=wontfix,brms-6/Build and Assembly=wontfix,jdg-6/Build=wontfix,jdv-6/Productization=wontfix,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=wontfix,fuse-6/SwitchYard=new,jon-3/REST=wontfix,jpp-6/Requirements=wontfix,rhsso-7/Core=wontfix,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=affected,sam-1/katello=new | ||
| Kurt Seifried | 2017-07-14 21:16:11 UTC | Depends On | 1471280, 1471279 | |
| Bryan Kearney | 2017-08-08 20:44:57 UTC | CC | bcourt, mstead | |
| Kurt Seifried | 2017-08-15 17:00:56 UTC | Whiteboard | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.6/AV:N/AC:H/Au:N/C:P/I:N/A:N,cvss3=3.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=wontfix,brms-6/Build and Assembly=wontfix,jdg-6/Build=wontfix,jdv-6/Productization=wontfix,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=wontfix,fuse-6/SwitchYard=new,jon-3/REST=wontfix,jpp-6/Requirements=wontfix,rhsso-7/Core=wontfix,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=affected,sam-1/katello=new | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.6/AV:N/AC:H/Au:N/C:P/I:N/A:N,cvss3=3.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=wontfix,brms-6/Build and Assembly=wontfix,jdg-6/Build=wontfix,jdv-6/Productization=wontfix,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=wontfix,fuse-6/SwitchYard=new,jon-3/REST=wontfix,jpp-6/Requirements=wontfix,rhsso-7/Core=wontfix,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=notaffected,sam-1/katello=new |
| Kurt Seifried | 2017-08-15 17:09:55 UTC | Depends On | 1481780 | |
| Scott Herold | 2017-09-12 15:28:53 UTC | CC | sherold | |
| PnT Account Manager | 2017-12-07 23:58:18 UTC | CC | felias | |
| Oved Ourfali | 2018-01-04 09:48:09 UTC | CC | oourfali | |
| PnT Account Manager | 2018-01-30 20:39:45 UTC | CC | hchiorea | |
| PnT Account Manager | 2018-02-06 19:24:35 UTC | CC | hfnukal | |
| PnT Account Manager | 2018-03-05 15:03:20 UTC | CC | bazulay | |
| Chess Hazlett | 2018-04-20 15:36:42 UTC | CC | drieden, pdrozd, sthorger | |
| Whiteboard | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.6/AV:N/AC:H/Au:N/C:P/I:N/A:N,cvss3=3.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=wontfix,brms-6/Build and Assembly=wontfix,jdg-6/Build=wontfix,jdv-6/Productization=wontfix,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=wontfix,fuse-6/SwitchYard=new,jon-3/REST=wontfix,jpp-6/Requirements=wontfix,rhsso-7/Core=wontfix,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=notaffected,sam-1/katello=new | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.6/AV:N/AC:H/Au:N/C:P/I:N/A:N,cvss3=3.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=wontfix,brms-6/Build and Assembly=wontfix,jdg-6/Build=notaffected,jdv-6/Productization=wontfix,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=wontfix,fuse-6/SwitchYard=new,jon-3/REST=wontfix,jpp-6/Requirements=notaffected,rhsso-7/Core=notaffected,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=notaffected,sam-1/katello=new,jdg-7/resteasy=affected | ||
| PnT Account Manager | 2018-05-10 18:17:47 UTC | CC | pavelp | |
| PnT Account Manager | 2018-06-29 22:14:16 UTC | CC | kseifried | |
| PnT Account Manager | 2018-11-05 22:46:46 UTC | CC | ylavi | |
| Gil Klein | 2019-04-14 12:59:08 UTC | CC | gklein | |
| PnT Account Manager | 2019-04-22 21:31:11 UTC | CC | tjay | |
| Marek Goldmann | 2019-06-08 07:56:12 UTC | CC | mgoldman | |
| Lukáš Petrovický | 2019-09-24 14:08:53 UTC | CC | lpetrovi | |
| Product Security DevOps Team | 2019-09-29 13:55:15 UTC | Whiteboard | impact=low,public=20160901,reported=20160829,source=researcher,cvss2=2.6/AV:N/AC:H/Au:N/C:P/I:N/A:N,cvss3=3.1/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N,eap-7/REST=wontfix,fedora-all/resteasy=affected,eap-6/RESTEasy=wontfix,eap-5/jbossas=wontfix,bpms-6/Build and Assembly=wontfix,brms-6/Build and Assembly=wontfix,jdg-6/Build=notaffected,jdv-6/Productization=wontfix,brms-5/Security=wontfix,soap-5/Security=wontfix,fsw-6/SwitchYard=wontfix,fuse-6/SwitchYard=new,jon-3/REST=wontfix,jpp-6/Requirements=notaffected,rhsso-7/Core=notaffected,rhev-m-3/vdsm-jsonrpc-java=new,rhn_satellite_6/Security=notaffected,sam-1/katello=new,jdg-7/resteasy=affected | |
| PnT Account Manager | 2019-11-05 01:06:54 UTC | CC | psakar | |
| Jeff Fearn 🐞 | 2020-04-27 01:34:16 UTC | CC | jbpapp-maint | |
| Jeff Fearn 🐞 | 2020-04-27 01:37:45 UTC | CC | Rhev-m-bugs | |
| PnT Account Manager | 2020-10-16 22:24:50 UTC | CC | pgier | |
| PnT Account Manager | 2020-10-20 21:09:10 UTC | CC | vhalbert | |
| PnT Account Manager | 2020-11-12 22:19:43 UTC | CC | miburman | |
| Cedric Buissart | 2021-01-08 16:51:21 UTC | Depends On | 1914374 | |
| Cedric Buissart | 2021-01-08 16:53:46 UTC | Fixed In Version | resteasy 3.1.0.CR1, resteasy 3.0.20.Final | |
| Red Hat Bugzilla | 2021-03-23 23:37:57 UTC | CC | dblechte | |
| Red Hat Bugzilla | 2021-09-01 04:30:07 UTC | CC | spinder | |
| Red Hat Bugzilla | 2021-10-15 11:52:05 UTC | CC | kconner | |
| Joshua Padman | 2021-10-21 00:54:56 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2021-10-21 00:54:56 UTC | |||
| Tomer Brisker | 2021-12-14 18:47:58 UTC | CC | tbrisker |
Back to bug 1372129