cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2020-25633,https://securityvulnerability.io/vulnerability/CVE-2020-25633,,A flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. It may allow client users to obtain the server's potentially sensitive information when the server got WebApplicationException from the RESTEasy client call. The highest threat from this vulnerability is to data confidentiality.,Red Hat,Resteasy-client,5.3,MEDIUM,0.0008399999933317304,false,false,false,false,,false,false,2020-09-18T18:10:44.000Z,0
CVE-2020-1695,https://securityvulnerability.io/vulnerability/CVE-2020-1695,,"A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final and all resteasy 4.x.x versions prior to 4.6.0.Final, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed.",Red Hat,Resteasy,7.5,HIGH,0.0010999999940395355,false,false,false,false,,false,false,2020-05-19T14:13:10.000Z,0
CVE-2016-9606,https://securityvulnerability.io/vulnerability/CVE-2016-9606,,"JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions.",Red Hat,Resteasy,8.1,HIGH,0.021560000255703926,false,false,false,false,,false,false,2018-03-09T20:29:00.000Z,0
CVE-2018-1051,https://securityvulnerability.io/vulnerability/CVE-2018-1051,,It was found that the fix for CVE-2016-9606 in versions 3.0.22 and 3.1.2 was incomplete and Yaml unmarshalling in Resteasy is still possible via `Yaml.load()` in YamlProvider.,Red Hat,Resteasy,8.1,HIGH,0.001509999972768128,false,false,false,false,,false,false,2018-01-25T20:00:00.000Z,0
CVE-2017-7561,https://securityvulnerability.io/vulnerability/CVE-2017-7561,,Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.,Red Hat,Resteasy,7.5,HIGH,0.006180000025779009,false,false,false,false,,false,false,2017-09-13T17:29:00.000Z,0