GHSA-wrrh-g7h3-gqmx
Suggest an improvement- Source
- https://github.com/advisories/GHSA-wrrh-g7h3-gqmx
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-wrrh-g7h3-gqmx/GHSA-wrrh-g7h3-gqmx.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-wrrh-g7h3-gqmx
- Aliases
-
- CVE-2012-0818
- Published
- 2022-05-17T01:49:58Z
- Modified
- 2024-12-03T06:03:01.875838Z
- Summary
- Exposure of Sensitive Information to an Unauthorized Actor in RESTEasy
- Details
-
RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity (XXE) injection attack.
- Database specific
{ "nvd_published_at": "2012-11-23T20:55:00Z", "cwe_ids": [ "CWE-200" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2022-07-13T18:42:09Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2012-0818
- https://github.com/resteasy/resteasy/commit/71ace879cf92d323bfa4d3e88db0c3059109bbf6
- https://web.archive.org/web/20200229045254/https://www.securityfocus.com/bid/51766
- https://web.archive.org/web/20200229044434/http://www.securityfocus.com/bid/51748
- https://issues.jboss.org/browse/RESTEASY-637
- https://github.com/resteasy/Resteasy
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72808
- https://bugzilla.redhat.com/show_bug.cgi?id=785631
- https://access.redhat.com/security/cve/CVE-2012-0818
- https://access.redhat.com/errata/RHSA-2014:0372
- https://access.redhat.com/errata/RHSA-2014:0371
- https://access.redhat.com/errata/RHSA-2013:1263
- https://access.redhat.com/errata/RHSA-2012:1125
- https://access.redhat.com/errata/RHSA-2012:1059
- https://access.redhat.com/errata/RHSA-2012:1058
- https://access.redhat.com/errata/RHSA-2012:1057
- https://access.redhat.com/errata/RHSA-2012:1056
- https://access.redhat.com/errata/RHSA-2012:0519
- https://access.redhat.com/errata/RHSA-2012:0441
- https://access.redhat.com/errata/RHSA-2012:0421
- http://rhn.redhat.com/errata/RHSA-2012-0441.html
- http://rhn.redhat.com/errata/RHSA-2012-0519.html
- http://rhn.redhat.com/errata/RHSA-2012-1056.html
- http://rhn.redhat.com/errata/RHSA-2012-1057.html
- http://rhn.redhat.com/errata/RHSA-2012-1058.html
- http://rhn.redhat.com/errata/RHSA-2012-1059.html
- http://rhn.redhat.com/errata/RHSA-2012-1125.html
- http://rhn.redhat.com/errata/RHSA-2014-0371.html
- http://rhn.redhat.com/errata/RHSA-2014-0372.html
Affected packages
Maven / org.jboss.resteasy:resteasy-client
Package
- Name
- org.jboss.resteasy:resteasy-client
- View open source insights on deps.dev
- Purl
- pkg:maven/org.jboss.resteasy/resteasy-client