Use of unsafe third-party libraries #1
Description
Brief description of bug
Self-Diagnosis
- I did a vulnerability check on this project
- The results show that this project uses a third-party library with security vulnerabilities
- The library used by this project:resteasy-pom-1.2.GA.pom. Exist in the National Information Security Vulnerability Database
Environment(for bug reports)
- Operating System:Mac OS
The results of My vulnerability test
-------------------- Vulnerabilities Report --------------------
Found 2 vulnerabilities in target JAVA project
[1]
- CVE No: CVE-2014-3490
- CVE Level: high
- CVE Jar Name: resteasy-pom-1.2.GA.pom
- CVE Method Name: org.jboss.resteasy.plugins.providers.jaxb.ExternalEntityUnmarshaller.unmarshal
- CVE Vulnerable Line: 159
- File Containing This CVE in Project:
(1)- File Name: providers/jaxb/src/main/java/org/jboss/resteasy/plugins/providers/jaxb/ExternalEntityUnmarshaller.java
- Line: 134
- Column: 13
[2]
- CVE No: CVE-2014-3490
- CVE Level: high
- CVE Jar Name: resteasy-pom-1.2.GA.pom
- CVE Method Name: org.jboss.resteasy.plugins.providers.jaxb.ExternalEntityUnmarshaller.unmarshal
- CVE Vulnerable Line: 206
- File Containing This CVE in Project:
(1)- File Name: providers/jaxb/src/main/java/org/jboss/resteasy/plugins/providers/jaxb/ExternalEntityUnmarshaller.java
- Line: 134
- Column: 13