Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-4172

Default JAX-RS XML, JSON and Form providers are open to the hash collision attacks

    XMLWordPrintableJSON

    Details

    • Estimated Complexity:
      Unknown

      Description

      Default XML, JSON and Form providers using the Maps internally are open to the hash collision attacks.

      This includes JAXBElementProvider and JSONProvider (JAXB-driven), SourceProvider, FormEncodingProvider.

        Attachments

          Activity

            People

            • Assignee:
              sergey_beryozkin Sergey Beryozkin
              Reporter:
              sergey_beryozkin Sergey Beryozkin
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: