Description
A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | RESTEasy | affected |
|
Configuration 1 [-]
|
Configuration 2 [-]
| AND |
|
Configuration 3 [-]
| AND |
|
| Package | CPE | Advisory | Released Date |
|---|---|---|---|
| EAP-CD 19 Tech Preview | |||
| resteasy | cpe:/a:redhat:jboss_enterprise_application_platform_cd:19 | RHSA-2020:2333 | 2020-05-28T00:00:00Z |
| Red Hat Fuse 7.9 | |||
| resteasy | cpe:/a:redhat:jboss_fuse:7 | RHSA-2021:3140 | 2021-08-11T00:00:00Z |
| Red Hat JBoss EAP 7 | |||
| resteasy | cpe:/a:redhat:jboss_enterprise_application_platform:7 | RHSA-2020:2515 | 2020-06-10T00:00:00Z |
| Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6 | |||
| eap7-activemq-artemis-0:2.9.0-4.redhat_00010.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-apache-cxf-0:3.3.5-1.redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-bouncycastle-0:1.60.0-2.redhat_00002.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-codehaus-jackson-0:1.9.13-10.redhat_00007.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-cryptacular-0:1.2.4-1.redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-elytron-web-0:1.6.1-1.Final_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-glassfish-jaxb-0:2.3.3-4.b02_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-glassfish-jsf-0:2.3.9-10.SP09_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-hal-console-0:3.2.8-1.Final_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-hibernate-0:5.3.16-1.Final_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-infinispan-0:9.4.18-1.Final_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-ironjacamar-0:1.4.20-1.Final_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-jackson-annotations-0:2.10.3-1.redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-jackson-core-0:2.10.3-1.redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-jackson-databind-0:2.10.3-1.redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-jackson-jaxrs-providers-0:2.10.3-1.redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-jackson-modules-base-0:2.10.3-1.redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-jackson-modules-java8-0:2.10.3-1.redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-jaegertracing-jaeger-client-java-0:0.34.3-1.redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-jakarta-el-0:3.0.3-1.redhat_00002.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-jandex-0:2.1.2-1.Final_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-jasypt-0:1.9.3-1.redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-jboss-ejb-client-0:4.0.31-1.Final_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-jboss-genericjms-0:2.0.4-1.Final_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-jboss-jsf-api_2.3_spec-0:3.0.0-3.SP02_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-jboss-modules-0:1.10.0-1.Final_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-jboss-remoting-0:5.0.18-1.Final_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-jboss-remoting-jmx-0:3.0.4-1.Final_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-jboss-server-migration-0:1.7.1-5.Final_redhat_00006.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-jboss-vfs-0:3.2.15-1.Final_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-jboss-weld-3.1-api-0:3.1.0-6.SP2_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-microprofile-config-0:1.4.0-1.redhat_00003.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-microprofile-health-0:2.2.0-1.redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-microprofile-metrics-0:2.3.0-1.redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-microprofile-opentracing-0:1.3.3-1.redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-microprofile-rest-client-0:1.4.0-1.redhat_00004.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-opensaml-0:3.3.1-1.redhat_00002.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-picketbox-0:5.0.3-7.Final_redhat_00006.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-picketlink-bindings-0:2.5.5-23.SP12_redhat_00012.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-resteasy-0:3.11.2-3.Final_redhat_00002.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-slf4j-jboss-logmanager-0:1.0.4-1.GA_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-smallrye-config-0:1.6.2-3.redhat_00004.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-smallrye-health-0:2.2.0-1.redhat_00004.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-smallrye-metrics-0:2.4.0-1.redhat_00004.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-smallrye-opentracing-0:1.3.4-1.redhat_00004.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-snakeyaml-0:1.24.0-2.redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-stax2-api-0:4.2.0-1.redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-sun-istack-commons-0:3.0.10-1.redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-undertow-0:2.0.30-3.SP3_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-weld-core-0:3.1.4-1.Final_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-wildfly-0:7.3.1-5.GA_redhat_00003.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-wildfly-elytron-0:1.10.6-1.Final_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-wildfly-http-client-0:1.0.20-1.Final_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-wildfly-naming-client-0:1.0.12-1.Final_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-woodstox-core-0:6.0.3-1.redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| eap7-wss4j-0:2.2.5-1.redhat_00001.1.el6eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6 | RHSA-2020:2511 | 2020-06-11T00:00:00Z |
| Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7 | |||
| eap7-activemq-artemis-0:2.9.0-4.redhat_00010.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-apache-cxf-0:3.3.5-1.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-bouncycastle-0:1.60.0-2.redhat_00002.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-codehaus-jackson-0:1.9.13-10.redhat_00007.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-cryptacular-0:1.2.4-1.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-elytron-web-0:1.6.1-1.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-glassfish-jaxb-0:2.3.3-4.b02_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-glassfish-jsf-0:2.3.9-10.SP09_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-hal-console-0:3.2.8-1.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-hibernate-0:5.3.16-1.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-infinispan-0:9.4.18-1.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-ironjacamar-0:1.4.20-1.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-jackson-annotations-0:2.10.3-1.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-jackson-core-0:2.10.3-1.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-jackson-databind-0:2.10.3-1.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-jackson-jaxrs-providers-0:2.10.3-1.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-jackson-modules-base-0:2.10.3-1.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-jackson-modules-java8-0:2.10.3-1.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-jaegertracing-jaeger-client-java-0:0.34.3-1.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-jakarta-el-0:3.0.3-1.redhat_00002.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-jandex-0:2.1.2-1.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-jasypt-0:1.9.3-1.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-jboss-ejb-client-0:4.0.31-1.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-jboss-genericjms-0:2.0.4-1.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-jboss-jsf-api_2.3_spec-0:3.0.0-3.SP02_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-jboss-modules-0:1.10.0-1.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-jboss-remoting-0:5.0.18-1.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-jboss-remoting-jmx-0:3.0.4-1.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-jboss-server-migration-0:1.7.1-5.Final_redhat_00006.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-jboss-vfs-0:3.2.15-1.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-jboss-weld-3.1-api-0:3.1.0-6.SP2_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-microprofile-config-0:1.4.0-1.redhat_00003.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-microprofile-health-0:2.2.0-1.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-microprofile-metrics-0:2.3.0-1.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-microprofile-opentracing-0:1.3.3-1.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-microprofile-rest-client-0:1.4.0-1.redhat_00004.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-opensaml-0:3.3.1-1.redhat_00002.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-picketbox-0:5.0.3-7.Final_redhat_00006.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-picketlink-bindings-0:2.5.5-23.SP12_redhat_00012.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-resteasy-0:3.11.2-3.Final_redhat_00002.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-slf4j-jboss-logmanager-0:1.0.4-1.GA_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-smallrye-config-0:1.6.2-3.redhat_00004.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-smallrye-health-0:2.2.0-1.redhat_00004.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-smallrye-metrics-0:2.4.0-1.redhat_00004.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-smallrye-opentracing-0:1.3.4-1.redhat_00004.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-snakeyaml-0:1.24.0-2.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-stax2-api-0:4.2.0-1.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-sun-istack-commons-0:3.0.10-1.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-undertow-0:2.0.30-3.SP3_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-weld-core-0:3.1.4-1.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-wildfly-0:7.3.1-5.GA_redhat_00003.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-wildfly-elytron-0:1.10.6-1.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-wildfly-http-client-0:1.0.20-1.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-wildfly-naming-client-0:1.0.12-1.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-woodstox-core-0:6.0.3-1.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| eap7-wss4j-0:2.2.5-1.redhat_00001.1.el7eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7 | RHSA-2020:2512 | 2020-06-11T00:00:00Z |
| Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8 | |||
| eap7-activemq-artemis-0:2.9.0-4.redhat_00010.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-apache-cxf-0:3.3.5-1.redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-bouncycastle-0:1.60.0-2.redhat_00002.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-codehaus-jackson-0:1.9.13-10.redhat_00007.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-cryptacular-0:1.2.4-1.redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-elytron-web-0:1.6.1-1.Final_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-glassfish-jaxb-0:2.3.3-4.b02_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-glassfish-jsf-0:2.3.9-10.SP09_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-hal-console-0:3.2.8-1.Final_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-hibernate-0:5.3.16-1.Final_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-infinispan-0:9.4.18-1.Final_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-ironjacamar-0:1.4.20-1.Final_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-jackson-annotations-0:2.10.3-1.redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-jackson-core-0:2.10.3-1.redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-jackson-databind-0:2.10.3-1.redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-jackson-jaxrs-providers-0:2.10.3-1.redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-jackson-modules-base-0:2.10.3-1.redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-jackson-modules-java8-0:2.10.3-1.redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-jaegertracing-jaeger-client-java-0:0.34.3-1.redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-jakarta-el-0:3.0.3-1.redhat_00002.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-jandex-0:2.1.2-1.Final_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-jasypt-0:1.9.3-1.redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-jboss-ejb-client-0:4.0.31-1.Final_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-jboss-genericjms-0:2.0.4-1.Final_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-jboss-jsf-api_2.3_spec-0:3.0.0-3.SP02_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-jboss-modules-0:1.10.0-1.Final_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-jboss-remoting-0:5.0.18-1.Final_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-jboss-remoting-jmx-0:3.0.4-1.Final_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-jboss-server-migration-0:1.7.1-5.Final_redhat_00006.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-jboss-vfs-0:3.2.15-1.Final_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-jboss-weld-3.1-api-0:3.1.0-6.SP2_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-microprofile-config-0:1.4.0-1.redhat_00003.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-microprofile-health-0:2.2.0-1.redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-microprofile-metrics-0:2.3.0-1.redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-microprofile-opentracing-0:1.3.3-1.redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-microprofile-rest-client-0:1.4.0-1.redhat_00004.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-opensaml-0:3.3.1-1.redhat_00002.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-picketbox-0:5.0.3-7.Final_redhat_00006.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-picketlink-bindings-0:2.5.5-23.SP12_redhat_00012.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-resteasy-0:3.11.2-3.Final_redhat_00002.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-slf4j-jboss-logmanager-0:1.0.4-1.GA_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-smallrye-config-0:1.6.2-3.redhat_00004.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-smallrye-health-0:2.2.0-1.redhat_00004.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-smallrye-metrics-0:2.4.0-1.redhat_00004.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-smallrye-opentracing-0:1.3.4-1.redhat_00004.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-snakeyaml-0:1.24.0-2.redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-stax2-api-0:4.2.0-1.redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-sun-istack-commons-0:3.0.10-1.redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-undertow-0:2.0.30-3.SP3_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-weld-core-0:3.1.4-1.Final_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-wildfly-0:7.3.1-5.GA_redhat_00003.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-wildfly-elytron-0:1.10.6-1.Final_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-wildfly-http-client-0:1.0.20-1.Final_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-wildfly-naming-client-0:1.0.12-1.Final_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-woodstox-core-0:6.0.3-1.redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| eap7-wss4j-0:2.2.5-1.redhat_00001.1.el8eap | cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8 | RHSA-2020:2513 | 2020-06-11T00:00:00Z |
| Red Hat Runtimes Spring Boot 2.2.6 | |||
| resteasy | cpe:/a:redhat:openshift_application_runtimes:1.0 | RHSA-2020:3806 | 2020-09-23T00:00:00Z |
| Text-Only RHOAR | |||
| cpe:/a:redhat:openshift_application_runtimes:1.0 | RHSA-2020:2905 | 2020-07-23T00:00:00Z | |
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2021-1240 | A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack. |
 Github GHSA |
GHSA-29qj-rvv6-qrmv | Cross-site scripting in RESTEasy |
 Ubuntu USN |
USN-7351-1 | RESTEasy vulnerabilities |
| Ubuntu USN |
USN-7630-1 | RESTEasy vulnerabilities |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-04T11:06:11.147Z
Reserved: 2020-03-20T00:00:00.000Z
Link: CVE-2020-10688
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-05-27T19:15:07.643
Modified: 2024-11-21T04:55:51.450
Link: CVE-2020-10688
Redhat
OpenCVE Enrichment
No data.
Weaknesses