CVE-2020-25724

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-25724
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-25724.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-25724
Aliases
Downstream
Published
2021-05-26T21:15:08.107Z
Modified
2026-04-10T04:25:14.177431Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

A flaw was found in RESTEasy, where an incorrect response to an HTTP request is provided. This flaw allows an attacker to gain access to privileged information. The highest threat from this vulnerability is to confidentiality and integrity. Versions before resteasy 2.0.0.Alpha3 are affected.

References

Affected packages

Git / github.com/quarkusio/quarkus

Affected ranges

Type
GIT
Repo
https://github.com/quarkusio/quarkus
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
b0497d9ebf114a347f0dd5959a43e60ad56355dd
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e7156393ea6b21c2a1fe35773ae46a403f1c8c0b
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
e338b0f4a32f2a9788c378edb3e7a574758145f7
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-alpha1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0.0-alpha2"
        },
        {
            "introduced": "0"
        },
        {
            "fixed": "1.11.2"
        }
    ]
}
Type
GIT
Repo
https://github.com/resteasy/resteasy
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
f66257f367f3a7d19396906444c153b801f82551
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.0.0"
        }
    ]
}

Affected versions

2.*
2.0.0.Alpha1
2.0.0.Alpha2
Other
RESTEASY_1_2_1_GA@881
RESTEASY_JAXRS_1_0_0_GA@546
RESTEASY_JAXRS_1_0_BETA-9@447
RESTEASY_JAXRS_1_0_BETA_2@134
RESTEASY_JAXRS_1_0_BETA_2@137
RESTEASY_JAXRS_1_0_BETA_3@146
RESTEASY_JAXRS_1_0_BETA_4@166
RESTEASY_JAXRS_1_0_BETA_5@182
RESTEASY_JAXRS_1_0_BETA_6@339
RESTEASY_JAXRS_1_0_BETA_7@344
RESTEASY_JAXRS_1_0_BETA_8@346
RESTEASY_JAXRS_1_0_RC1@540
RESTEASY_JAXRS_1_1-RC1@600
RESTEASY_JAXRS_1_1-RC2@663
RESTEASY_JAXRS_1_1_GA@746
RESTEASY_JAXRS_1_2_GA@861
RESTEASY_JAXRS_2_0_0_GA@1122
RESTEASY_JAXRS_2_0_BETA_1@911
RESTEASY_JAXRS_2_0_BETA_2@991
RESTEASY_JAXRS_2_0_BETA_3@1068
RESTEASY_JAXRS_2_0_BETA_4@1071
RESTEASY_JAXRS_2_0_RC1@1115
RESTEASY_JAXRS_BETA1@99

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-25724.json"