Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-25633

Опубликовано: 18 сент. 2020
Источник: debian
EPSS Низкий

Описание

A flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. It may allow client users to obtain the server's potentially sensitive information when the server got WebApplicationException from the RESTEasy client call. The highest threat from this vulnerability is to data confidentiality.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
resteasyunfixedpackage
resteasy3.0unfixedpackage
resteasy3.0ignoredtrixiepackage
resteasy3.0ignoredbookwormpackage
resteasy3.0ignoredbullseyepackage
resteasy3.0ignoredbusterpackage

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=1879042

  • https://issues.redhat.com/browse/RESTEASY-2721

  • https://issues.redhat.com/browse/RESTEASY-2728

  • https://issues.redhat.com/browse/RESTEASY-2781

  • Fixed in 3.11.3, 4.6.0, 3.14.0, 4.4.3, 3.5.9

EPSS

Процентиль: 51%
0.00276
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2020-25633

CVSS3: 5.3
ubuntu
больше 5 лет назад

A flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. It may allow client users to obtain the server's potentially sensitive information when the server got WebApplicationException from the RESTEasy client call. The highest threat from this vulnerability is to data confidentiality.

redhat логотип

CVE-2020-25633

CVSS3: 5.3
redhat
больше 5 лет назад

A flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. It may allow client users to obtain the server's potentially sensitive information when the server got WebApplicationException from the RESTEasy client call. The highest threat from this vulnerability is to data confidentiality.

nvd логотип

CVE-2020-25633

CVSS3: 5.3
nvd
больше 5 лет назад

A flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. It may allow client users to obtain the server's potentially sensitive information when the server got WebApplicationException from the RESTEasy client call. The highest threat from this vulnerability is to data confidentiality.

github логотип

GHSA-hr32-mgpm-qf2f

CVSS3: 5.3
github
больше 4 лет назад

Generation of Error Message Containing Sensitive Information in RESTEasy client

fstec логотип

BDU:2025-11755

CVSS3: 5.3
fstec
больше 5 лет назад

Уязвимость программного средства RESTEasy, связанная с генерацией сообщений об ошибке, содержащего конфиденциальную информацию, позволяющая нарушителю раскрыть конфиденциальную информацию

EPSS

Процентиль: 51%
0.00276
Низкий