Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:resteasy:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Resteasy (554d7438-f25f-5528-997f-fa95a78096d3) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-0482 |
vulnerable | 2026-06-08 05:52:05.159938 |
Details available
In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.
Published: 2023-02-17T00:00:00.000Z
Updated: 2025-03-18T16:02:42.237Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-20293 |
vulnerable | 2026-06-08 05:29:08.920523 |
Details available
A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it did not properly handle URL encoding when calling @javax.ws.rs.PathParam without any @Produces MediaType. This flaw allows an attacker to launch a reflected XSS attack. The highest threat from this vulnerability is to data confidentiality and integrity.
Published: 2021-06-10T11:09:47.000Z
Updated: 2024-08-03T17:37:24.125Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-20289 |
vulnerable | 2026-06-08 05:29:08.900266 |
Details available
A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The highest threat from this vulnerability is to data confidentiality.
Published: 2021-03-26T16:28:44.000Z
Updated: 2024-08-03T17:37:23.769Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-25724 |
vulnerable | 2026-06-08 05:23:49.262081 |
Details available
A flaw was found in RESTEasy, where an incorrect response to an HTTP request is provided. This flaw allows an attacker to gain access to privileged information. The highest threat from this vulnerability is to confidentiality and integrity. Versions before resteasy 2.0.0.Alpha3 are affected.
Published: 2021-05-26T20:52:06.000Z
Updated: 2024-08-04T15:40:36.746Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-14326 |
vulnerable | 2026-06-08 05:19:22.985655 |
Details available
A vulnerability was found in RESTEasy, where RootNode incorrectly caches routes. This issue results in hash flooding, leading to slower requests with higher CPU time spent searching and adding the entry. This flaw allows an attacker to cause a denial of service.
Published: 2021-06-02T11:23:23.000Z
Updated: 2024-08-04T12:39:36.403Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-10688 |
vulnerable | 2026-06-08 05:16:35.638669 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.