Loading...

XML

Word

Printable

Type: Bug
Resolution: Duplicate
Priority: Major
Fix Version/s: None
Affects Version/s: 7.1.0.CR2
Component/s: Documentation
Labels:
None

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.1.z.GA

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Book: Developing applications for Web Services
Chapter: 2.5.13. YAML Provider

Could you please add a note which says that it is not recommended to use yaml provider because of the security vulnerability:

RESTEasy has a provider for YAML using the SnakeYAML library.
The usage of the module is not recommended due to security issue in SnakeYAML library used by RESTEasy for unmarshaling. If you want to enable this anyway,
you must update the following dependencies into the project POM file of your application...

clones

JBEAP-13479 [7.0] Development guide for Webservices - Yaml provider note that it is not recommended

Closed

relates to

JBEAP-13414 [7.1] Fix Migration guide for EAP 7.1

Closed

Assignee:: Nidhi Chaudhary

Reporter:: Katerina Odabasi (Inactive)

Tester:: Katerina Odabasi (Inactive)

QA Contact:: Katerina Odabasi (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2017/10/12 5:51 AM

Updated:: 2017/11/16 4:56 PM

Resolved:: 2017/11/16 4:56 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates

Hide