Resteasy@2.0.0 Security Vulnerabilities and Issues — Resteasy@2.0.0 CVE List

Lucene search

RedhatResteasy2.0.0

3 matches found

CVE•added 2021/05/26 9:15 p.m.•101 views

CVE-2020-25724

A flaw was found in RESTEasy, where an incorrect response to an HTTP request is provided. This flaw allows an attacker to gain access to privileged information. The highest threat from this vulnerability is to confidentiality and integrity. Versions before resteasy 2.0.0.Alpha3 are affected.

4.3CVSS4.3AI score0.00132EPSS

CVE•added 2012/11/23 8:55 p.m.•94 views

CVE-2012-0818

RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity (XXE) injection attack.

5CVSS9.2AI score0.01376EPSS

CVE•added 2012/11/23 8:55 p.m.•78 views

CVE-2011-5245

The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding (JAXB) input, aka an XML external entity (XXE) injection attack, a similar vulnerability to CV...

5CVSS9.2AI score0.01376EPSS