Description
RESTEasy enables GZIPInterceptor, which allows remote attackers to cause a denial of service via unspecified vectors.
Remediation
References
http://www.securityfocus.com/bid/92744
https://bugzilla.redhat.com/show_bug.cgi?id=1372120
https://access.redhat.com/errata/RHSA-2018:0005
https://access.redhat.com/errata/RHSA-2018:0004
https://access.redhat.com/errata/RHSA-2018:0003
https://access.redhat.com/errata/RHSA-2018:0002
https://access.redhat.com/errata/RHSA-2017:1676
https://access.redhat.com/errata/RHSA-2017:1675
http://rhn.redhat.com/errata/RHSA-2017-0829.html
http://rhn.redhat.com/errata/RHSA-2017-0828.html
http://rhn.redhat.com/errata/RHSA-2017-0827.html
http://rhn.redhat.com/errata/RHSA-2017-0826.html
http://rhn.redhat.com/errata/RHSA-2017-0517.html
https://access.redhat.com/errata/RHSA-2018:2143
https://access.redhat.com/errata/RHSA-2019:1222
Related Vulnerabilities
CVE-2018-8041 Vulnerability in maven package org.apache.camel:camel-mail
CVE-2023-26920 Vulnerability in maven package org.webjars.npm:fast-xml-parser
CVE-2019-1003005 Vulnerability in maven package org.jenkins-ci.plugins:script-security
CVE-2022-31692 Vulnerability in maven package org.springframework.security:spring-security-web
CVE-2016-11023 Vulnerability in maven package org.odata4j:odata4j-core