CPE-5468333E-B8EB-44FF-A9F5-D9291025CF94 Detail

CPE Details

Red Hat RESTEasy 3.0.15

Vendor

redhat

Product

resteasy

Version

3.0.15

Created

2019-03-21
12h05 +00:00

Modified

2019-03-21
12h05 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:redhat:resteasy:3.0.15:::::::*

Informations

Vendor

redhat

Product

resteasy

Version

3.0.15

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2021-20293	2021-06-10 09h09 +00:00	A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it did not properly handle URL encoding when calling @javax.ws.rs.PathParam without any @Produces MediaType. This flaw allows an attacker to launch a reflected XSS attack. The highest threat from this vulnerability is to data confidentiality and integrity.	6.1	Medium
CVE-2020-10688	2021-05-27 16h45 +00:00	A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack.	6.1	Medium
CVE-2021-20289	2021-03-26 15h28 +00:00	A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The highest threat from this vulnerability is to data confidentiality.	5.3	Medium
CVE-2020-25633	2020-09-18 16h10 +00:00	A flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. It may allow client users to obtain the server's potentially sensitive information when the server got WebApplicationException from the RESTEasy client call. The highest threat from this vulnerability is to data confidentiality.	5.3	Medium
CVE-2020-1695	2020-05-19 12h13 +00:00	A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final and all resteasy 4.x.x versions prior to 4.6.0.Final, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed.	7.5	High
CVE-2016-9606	2018-03-09 20h00 +00:00	JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions.	8.1	High

Red Hat RESTEasy 3.0.15

CPE Details

CPE Name: cpe:2.3:a:redhat:resteasy:3.0.15:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:redhat:resteasy:3.0.15:::::::*