Lucene search
RedhatResteasy
2 matches found
CVE-2012-0818
RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity (XXE) injection attack.
5CVSS9.2AI score0.01376EPSS
CVE-2011-5245
The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding (JAXB) input, aka an XML external entity (XXE) injection attack, a similar vulnerability to CV...
5CVSS9.2AI score0.01376EPSS