Ron Sigal - Security Researcher - Exploit Intelligence Platform

CVE-2016-9606 NOMISEC HIGH WORKING POC

JBoss RESTEasy < 3.1.2 - Remote Code Execution via YamlProvider Unmarshalling

JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions.

CVSS 8.1

View Code

CVE-2017-7561 NOMISEC HIGH WORKING POC

Red Hat JBoss EAP 3.0.7-3.0.25.Final - Server-Side Cache Poisoning via JAX-RS Component

Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.

CVSS 7.5

View Code

CVE-2020-1695 NOMISEC HIGH WRITEUP

Resteasy 3.0.0-3.11.9 and 4.0.0-4.5.9 - HTTP Response Header Injection via Improper Input Validation

A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final and all resteasy 4.x.x versions prior to 4.6.0.Final, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed.

CVSS 7.5

View Code

CVE-2020-1695 NOMISEC HIGH WRITEUP

Resteasy 3.0.0-3.11.9 and 4.0.0-4.5.9 - HTTP Response Header Injection via Improper Input Validation

A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final and all resteasy 4.x.x versions prior to 4.6.0.Final, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed.

CVSS 7.5

View Code

CVE-2016-9606 NOMISEC HIGH WORKING POC

JBoss RESTEasy < 3.1.2 - Remote Code Execution via YamlProvider Unmarshalling

JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions.

CVSS 8.1

View Code

CVE-2017-7561 NOMISEC HIGH WORKING POC

Red Hat JBoss EAP 3.0.7-3.0.25.Final - Server-Side Cache Poisoning via JAX-RS Component

Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.

CVSS 7.5

View Code