Scientific Linux Security Update : resteasy-base on SL7.x (noarch)
High Nessus Plugin ID 95859
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSecurity Fix(es) :
- It was discovered that under certain conditions RESTEasy could be forced to parse a request with SerializableProvider, resulting in deserialization of potentially untrusted data. An attacker could possibly use this flaw to execute arbitrary code with the permissions of the application using RESTEasy.
Additional Changes :
SolutionUpdate the affected packages.