Uploaded image for project: 'RESTEasy'
  1. RESTEasy
  2. RESTEASY-659

RestEasy and XXE injection - Services that accept XML are vulnerable to XXE attacks, Part III: Fastinfoset

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Done
    • 2.3.2.Final
    • 2.3.3.Final
    • jaxrs
    • None
    • Medium

    Description

      For description, see RESTEASY-637 and RESTEASY-647. I fixed the problem for org.w3c.dom.Document inputs and JAXB XML inputs, but not for fastinfoset representation.

      Attachments

        Issue Links

          Activity

            People

              rsigal@redhat.com Ronald Sigal
              adkathuria_jira anuj kathuria (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: