Description

A flaw was found in RESTEasy, where an incorrect response to an HTTP request is provided. This flaw allows an attacker to gain access to privileged information. The highest threat from this vulnerability is to confidentiality and integrity. Versions before resteasy 2.0.0.Alpha3 are affected.

Remediation

References

https://bugzilla.redhat.com/show_bug.cgi?id=1899354

https://security.netapp.com/advisory/ntap-20210702-0003/

Related Vulnerabilities

CVE-2022-40309 Vulnerability in maven package org.apache.archiva:maven2-repository

CVE-2023-29215 Vulnerability in maven package org.apache.linkis:linkis-common

CVE-2023-26126 Vulnerability in npm package m.static

CVE-2023-3691 Vulnerability in maven package org.webjars.bowergithub.layui:layui

CVE-2022-39975 Vulnerability in maven package com.liferay.portal:release.portal.bom

Severity

Medium

Classification

CWE-567 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Issue Tracking Vendor Advisory Third Party Advisory