Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:resteasy:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductResteasy (554d7438-f25f-5528-997f-fa95a78096d3)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-0482 vulnerable 2026-06-08 05:52:05.159938 Details available
In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.
Published: 2023-02-17T00:00:00.000Z
Updated: 2025-03-18T16:02:42.237Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-20293 vulnerable 2026-06-08 05:29:08.920523 Details available
A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it did not properly handle URL encoding when calling @javax.ws.rs.PathParam without any @Produces MediaType. This flaw allows an attacker to launch a reflected XSS attack. The highest threat from this vulnerability is to data confidentiality and integrity.
Published: 2021-06-10T11:09:47.000Z
Updated: 2024-08-03T17:37:24.125Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-20289 vulnerable 2026-06-08 05:29:08.900266 Details available
A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The highest threat from this vulnerability is to data confidentiality.
Published: 2021-03-26T16:28:44.000Z
Updated: 2024-08-03T17:37:23.769Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-25724 vulnerable 2026-06-08 05:23:49.262081 Details available
A flaw was found in RESTEasy, where an incorrect response to an HTTP request is provided. This flaw allows an attacker to gain access to privileged information. The highest threat from this vulnerability is to confidentiality and integrity. Versions before resteasy 2.0.0.Alpha3 are affected.
Published: 2021-05-26T20:52:06.000Z
Updated: 2024-08-04T15:40:36.746Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-14326 vulnerable 2026-06-08 05:19:22.985655 Details available
A vulnerability was found in RESTEasy, where RootNode incorrectly caches routes. This issue results in hash flooding, leading to slower requests with higher CPU time spent searching and adding the entry. This flaw allows an attacker to cause a denial of service.
Published: 2021-06-02T11:23:23.000Z
Updated: 2024-08-04T12:39:36.403Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-10688 vulnerable 2026-06-08 05:16:35.638669 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.