6 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-20293
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A reflected Cross-Site Scripting XSS flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it did not properly handle URL encoding whe...
RHEL 8 : resteasy (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - RESTEasy: PathParam in RESTEasy can lead to a reflected XSS attack CVE-2021-20293 Note that Nessus has not tested f...
Moderate: Red Hat Security Advisory: Red Hat Integration - Service Registry release and security update [2.0.2.GA]
An update to the images for Red Hat Integration Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact o...
com.wavefront:proxy (>=11.0 <=11.0-RC3), com.wavefront:proxy-test (>=999.0 <=9999.0-RC2) +1 more potentially affected by CVE-2021-20293 via org.jboss.resteasy:resteasy-bom (>=3.13.0.Final <=3.13.2.Final)
org.jboss.resteasy:resteasy-bom MAVEN version =3.13.0.Final, =11.0, =999.0, =999.0, =999.7 Source cves: CVE-2021-20293 Source advisory: OSV:GHSA-5H26-C766-G93V...
CVE-2021-20293
Removed by vendor...
CVE-2021-20293
A reflected Cross-Site Scripting XSS flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it did not properly handle URL encoding when calling @javax.ws.rs.PathParam without any @Produces MediaType. This flaw allows an attacker to launch a reflected XSS attack. The...