← back
CVE-2014-7839

CVE-2014-7839

EPSS 2.0%
DocumentProvider in RESTEasy 2.3.7 and 3.0.9 does not configure the (1) external-general-entities or (2) external-parameter-entities features, which allows remote attackers to conduct XML external entity (XXE) attacks via unspecified vectors.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://rhn.redhat.com/errata/RHSA-2015-0675.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0773.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0850.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0851.htmlhttp://secunia.com/advisories/62580https://issues.jboss.org/browse/RESTEASY-1130