Known Vulnerabilities for Resteasy by Redhat
Listed below are 10 of the newest known vulnerabilities associated with "Resteasy" by "Redhat".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed, based on information from known CPEs.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-20293 | A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it did... | 6.1 - MEDIUM | 2021-06-10 | 2021-09-20 |
| CVE-2021-20289 | A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned ... | 5.3 - MEDIUM | 2021-03-26 | 2022-05-10 |
| CVE-2020-25724 | A flaw was found in RESTEasy, where an incorrect response to an HTTP request is provided. This flaw allows an attacker to gai... | 4.3 - MEDIUM | 2021-05-26 | 2022-05-13 |
| CVE-2020-25633 | A flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. It may allow client users to obtain the se... | 5.3 - MEDIUM | 2020-09-18 | 2023-11-07 |
| CVE-2020-14326 | A vulnerability was found in RESTEasy, where RootNode incorrectly caches routes. This issue results in hash flooding, leading... | 7.5 - HIGH | 2021-06-02 | 2022-07-15 |
| CVE-2020-10688 | A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did ... | 6.1 - MEDIUM | 2021-05-27 | 2022-05-13 |
| CVE-2020-1695 | A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final and all resteasy 4.x.x versions prior to 4.6.0.Final, w... | 7.5 - HIGH | 2020-05-19 | 2023-11-07 |
| CVE-2018-1051 | It was found that the fix for CVE-2016-9606 in versions 3.0.22 and 3.1.2 was incomplete and Yaml unmarshalling in Resteasy is... | 8.1 - HIGH | 2018-01-25 | 2019-10-09 |
| CVE-2016-6346 | RESTEasy enables GZIPInterceptor, which allows remote attackers to cause a denial of service via unspecified vectors. | 7.5 - HIGH | 2016-09-07 | 2019-05-14 |
| CVE-2016-6345 | RESTEasy allows remote authenticated users to obtain sensitive information by leveraging "insufficient use of random values" ... | 6.5 - MEDIUM | 2016-09-07 | 2016-09-08 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Redhat | Resteasy | 4.6.0 | All | All | All |
| Application | Redhat | Resteasy | 4.5.8 | - | All | All |
| Application | Redhat | Resteasy | 4.5.8 | sp1 | All | All |
| Application | Redhat | Resteasy | 4.5.7 | All | All | All |
| Application | Redhat | Resteasy | 4.5.6 | All | All | All |
| Application | Redhat | Resteasy | 4.5.5 | All | All | All |
| Application | Redhat | Resteasy | 4.5.4 | All | All | All |
| Application | Redhat | Resteasy | 4.5.3 | All | All | All |
| Application | Redhat | Resteasy | 4.5.2 | All | All | All |
| Application | Redhat | Resteasy | 4.5.1 | All | All | All |
| Application | Redhat | Resteasy | 4.5.0 | All | All | All |
| Application | Redhat | Resteasy | 4.4.2 | All | All | All |
| Application | Redhat | Resteasy | 4.4.1 | All | All | All |
| Application | Redhat | Resteasy | 4.4.0 | - | All | All |
| Application | Redhat | Resteasy | 4.4.0 | continuous_release1 | All | All |
| Application | Redhat | Resteasy | 4.3.1 | All | All | All |
| Application | Redhat | Resteasy | 4.3.0 | All | All | All |
| Application | Redhat | Resteasy | 4.2.0 | All | All | All |
| Application | Redhat | Resteasy | 4.1.1 | All | All | All |
| Application | Redhat | Resteasy | 4.1.0 | All | All | All |