Org.jboss.resteasy:resteasy-core
This hub aggregates every CVE we track for Org.jboss.resteasy:resteasy-core, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
4
CVEs tracked
0
Critical
0
High
0
In CISA KEV
Severity distribution
MEDIUM4
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 4 most recently published vulnerabilities affecting Org.jboss.resteasy:resteasy-core.
- CVE-2023-0482In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by ...5.5
- CVE-2021-20293A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it did not properly handle URL encoding when calling @javax.ws.rs.PathParam wi...6.1
- CVE-2020-10688A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occur...6.1
- CVE-2021-20289A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of th...5.3
Product normalization is registry-driven with AI assist and human review. How it works