Red Hat RESTEasy 3.15.0 Alpha 1

CPE Details

Red Hat RESTEasy 3.15.0 Alpha 1
3.15.0
2021-01-14
18h35 +00:00
2021-01-14
18h35 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:redhat:resteasy:3.15.0:alpha1:*:*:*:*:*:*

Informations

Vendor

redhat

Product

resteasy

Version

3.15.0

Update

alpha1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-20293 2021-06-10 09h09 +00:00 A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it did not properly handle URL encoding when calling @javax.ws.rs.PathParam without any @Produces MediaType. This flaw allows an attacker to launch a reflected XSS attack. The highest threat from this vulnerability is to data confidentiality and integrity.
6.1
Medium
CVE-2021-20289 2021-03-26 15h28 +00:00 A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The highest threat from this vulnerability is to data confidentiality.
5.3
Medium