Linux Distros Unpatched Vulnerability : CVE-2020-10688

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site scripting XSS flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when...

Linux Distros Unpatched Vulnerability : CVE-2020-14326

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in RESTEasy, where RootNode incorrectly caches routes. This issue results in hash flooding, leading to slower requests with higher CPU...

ROS-20250812-05

A vulnerability in the framework that enables the development and deployment of RESTful services and RESTEasy applications is related to the insecure creation of temporary files. Exploitation of the vulnerability could allow an attacker to gain access to confidential information...

ROS-20250807-05

The vulnerability of the RESTEasy software tool is related to incorrect input data validation, leading to the return of an invalid header that is integrated into the server response. Exploitation of the vulnerability could Allow an attacker acting remotely to execute arbitrary code A vulnerabilit...

io.quarkus:quarkus-resteasy: Memory Leak in Quarkus RESTEasy Classic When Client Requests Timeout

A flaw was found in the quarkus-resteasy extension, which causes memory leaks when client requests with low timeouts are made. If a client request times out, a buffer is not released correctly, leading to increased memory usage and eventual application crash due to OutOfMemoryError...

Security Bulletin: Vulnerabilities in quarkus-resteasy affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in quarkus-resteasy has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-1634 DESCRIPTION: ...

Ubuntu: Security Advisory (USN-7630-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 : RESTEasy vulnerabilities (USN-7630-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7630-1 advisory. It was discovered that RESTEasy made insufficient use of random values in asynchronous jobs. An...

USN-7630-1: RESTEasy vulnerabilities

It was discovered that RESTEasy made insufficient use of random values in asynchronous jobs. An attacker could possibly use this issue to steal user data. This issue only affected Ubuntu 14.04 LTS. CVE-2016-6345 It was discovered that RESTEasy enabled a vulnerable GZIP decompression module by...

USN-7630-1 resteasy, resteasy3.0 vulnerabilities

It was discovered that RESTEasy made insufficient use of random values in asynchronous jobs. An attacker could possibly use this issue to steal user data. This issue only affected Ubuntu 16.04 LTS. CVE-2016-6345 It was discovered that RESTEasy enabled a vulnerable GZIP decompression module by...

io.quarkus:quarkus-resteasy: Memory Leak in Quarkus RESTEasy Classic When Client Requests Timeout

A flaw was found in the quarkus-resteasy extension, which causes memory leaks when client requests with low timeouts are made. If a client request times out, a buffer is not released correctly, leading to increased memory usage and eventual application crash due to OutOfMemoryError...

Security Bulletin: IBM i Modernization Engine for Lifecycle Integration is vulnerable to multiple vulnerabilities

Summary There are multiple vulnerabilities in components of IBM i Modernization Engine for Lifecycle Integration as described in the Vulnerability Details section. Google Guava and Apache James MIME4J could allow a local authenticated attacker to obtain sensitive information. Pivota Spring...

io.hawt:hawtio-wildfly (=2.17.7), io.kokuwa.keycloak:keycloak-event-metrics (>=0.1.0 <=1.0.0) +133 more potentially affected by CVE-2024-12369 via org.wildfly.security:wildfly-elytron-http-oidc (>=1.17.0.Final <=2.2.8.Final)

org.wildfly.security:wildfly-elytron-http-oidc MAVEN version =1.17.0.Final, =0.1.0, =9.4.45.v20220203, =9.4.45.v20220203, =9.4.45.v20220203, =10.0.8, =12.0.1, =12.0.1, =12.0.1, =10.0.10, =13.0.0.CR1, =3.1.0.Final, =3.1.1.Alpha1 - org.jboss.resteasy.spring:galleon-feature-pack-layers-metadata-test...

Security Bulletin: IBM Observability with Instana (OnPrem) is affected by multiple security vulnerabilities

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana OnPrem build 1.0.291 Vulnerability Details CVEID:CVE-2021-20293 DESCRIPTION: RESTEasy is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit thi...

Ubuntu: Security Advisory (USN-7351-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7351-1: RESTEasy vulnerabilities

Nikos Papadopoulos discovered that RESTEasy improperly handled URL encoding when certain errors occur. An attacker could possibly use this issue to modify the app's behavior for other users through the network. CVE-2020-10688 Mirko Selber discovered that RESTEasy improperly validated user input...

USN-7351-1 resteasy vulnerabilities

Nikos Papadopoulos discovered that RESTEasy improperly handled URL encoding when certain errors occur. An attacker could possibly use this issue to modify the app's behavior for other users through the network. CVE-2020-10688 Mirko Selber discovered that RESTEasy improperly validated user input...

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : RESTEasy vulnerabilities (USN-7351-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7351-1 advisory. Nikos Papadopoulos discovered that RESTEasy improperly handled URL encoding when certain errors occur. An attacker could...

Denial Of Service (DoS)

io.quarkus, quarkus-resteasy is vulnerable to Denial Of Service DoS. The vulnerability is due to improper resource management, where a buffer is not correctly released when a client request times out. It allows an attacker to trigger memory leaks by sending multiple client requests with low...

Linux Distros Unpatched Vulnerability : CVE-2020-25633

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. It may allow client users to obtain the server's potentially sensitive...