6:42 a.m.
our sonatype scan reported below vulnerability for RestEasy jaxrs 3.15.1
Final.CVE-2021-20289 when will be a new version release with this fix.
3:48 p.m.
This was resolved with RESTEASY-2843
<https://issues.redhat.com/browse/RESTEASY-2843> [1] and will be included
in 3.15.2. However it's not a critical CVE and it's has an easy workaround
of using an ExceptionMapper or another way of not having endpoints return
the raw exception.
[1]: https://issues.redhat.com/browse/RESTEASY-2843
On Tue, Apr 27, 2021 at 3:42 AM Aishwarya soma <aishsoma555(a)gmail.com>
wrote:
our sonatype scan reported below vulnerability for RestEasy jaxrs
3.15.1
Final.CVE-2021-20289 when will be a new version release with this fix.
_______________________________________________
resteasy-dev mailing list -- resteasy-dev(a)lists.jboss.org
To unsubscribe send an email to resteasy-dev-leave(a)lists.jboss.org
--
James R. Perkins
JBoss by Red Hat
1092
days inactive
1093
days old
1 comments
2 participants
participants (2)
-
Aishwarya soma -
James Perkins