Loading...

XML

Word

Printable

Details

Type: Component Upgrade
Resolution: Done
Priority: Major
Fix Version/s: 5.0.6.Final, 6.2.3.Final, 7.0.0.Alpha1
Affects Version/s: 5.0.5.Final
Component/s: None
Labels:
None

Git Pull Request:
https://github.com/resteasy/resteasy/pull/3382, https://github.com/resteasy/resteasy/pull/3380, https://github.com/resteasy/resteasy/pull/3383, https://github.com/resteasy/resteasy/pull/3423

Description

Tag: https://github.com/apache/james-mime4j/releases/tag/apache-mime4j-project-0.8.9

6.3 Diff: https://github.com/apache/james-mime4j/compare/apache-mime4j-project-0.8.8...apache-mime4j-project-0.8.9
5.0 Diff: https://github.com/apache/james-mime4j/compare/apache-mime4j-project-0.8.3...apache-mime4j-project-0.8.9

[INFO] |  \- org.jboss.resteasy:resteasy-multipart-provider:jar:5.0.5.Final:compile
[INFO] |     +- org.apache.james:apache-mime4j-dom:jar:0.8.3:compile
[INFO] |     |  \- org.apache.james:apache-mime4j-core:jar:0.8.3:compile
[INFO] |     \- org.apache.james:apache-mime4j-storage:jar:0.8.3:compile

resteasy-multipart-provider:jar:5.0.5.Final depends upon a version of mime4j which appears to be vulnerable, see https://nvd.nist.gov/vuln/detail/CVE-2022-45787

Attachments

Issue Links

is cloned by

RESTEASY-3467 Upgrade mime4j to version 0.8.11

Resolved

is incorporated by

WFLY-17638 Upgrade RESTEasy from 6.2.2.Final to 6.2.3.Final

Closed

Activity

People

Assignee:: James Perkins

Reporter:: Federico Grilli

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2023/01/10 2:18 PM

Updated:: 2024/03/13 2:36 PM

Resolved:: 2023/01/11 1:19 AM