CVE-2018-1051 is a vulnerability in Red Hat Resteasy
Published on January 25, 2018
It was found that the fix for CVE-2016-9606 in versions 3.0.22 and 3.1.2 was incomplete and Yaml unmarshalling in Resteasy is still possible via `Yaml.load()` in YamlProvider.
Weakness Type
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Products Associated with CVE-2018-1051
Want to know whenever a new CVE is published for Red Hat Resteasy? stack.watch will email you.
Affected Versions
Red Hat, Inc. resteasy:- Version after 3.0.22 is affected.
- Version after 3.1.2 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.