UBUNTU-CVE-2020-1695

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2020-1695

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-1695.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2020-1695

Upstream

CVE-2020-1695

Downstream

USN-7351-1

USN-7630-1

Related

Published

2020-05-19T15:15:00Z

Modified

2025-07-16T16:51:55Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Ubuntu - medium

Summary

[none]

Details

A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final and all resteasy 4.x.x versions prior to 4.6.0.Final, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed.

References

Affected packages

Ubuntu:Pro:16.04:LTS / resteasy

Package

Name: resteasy
Purl: pkg:deb/ubuntu/resteasy@3.0.6-3ubuntu0.1~esm1?arch=source&distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.0.6-3ubuntu0.1~esm1

Affected versions

3.*

3.0.6-3

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_name": "libresteasy-java",
            "binary_version": "3.0.6-3ubuntu0.1~esm1"
        }
    ]
}

Ubuntu:Pro:18.04:LTS / resteasy3.0

Package

Name: resteasy3.0
Purl: pkg:deb/ubuntu/resteasy3.0@3.0.26-1~18.04.1~esm1?arch=source&distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.0.26-1~18.04.1~esm1

Affected versions

3.*

3.0.19-1

3.0.19-2

3.0.26-1~18.04

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_name": "libresteasy3.0-java",
            "binary_version": "3.0.26-1~18.04.1~esm1"
        }
    ]
}

Ubuntu:Pro:20.04:LTS / resteasy

Package

Name: resteasy
Purl: pkg:deb/ubuntu/resteasy@3.6.2-2ubuntu0.20.04.1~esm1?arch=source&distro=esm-apps/focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.2-2ubuntu0.20.04.1~esm1

Affected versions

3.*

3.6.2-2

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_name": "libresteasy-java",
            "binary_version": "3.6.2-2ubuntu0.20.04.1~esm1"
        }
    ]
}

Ubuntu:Pro:20.04:LTS / resteasy3.0

Package

Name: resteasy3.0
Purl: pkg:deb/ubuntu/resteasy3.0@3.0.26-1ubuntu0.1~esm1?arch=source&distro=esm-apps/focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.0.26-1ubuntu0.1~esm1

Affected versions

3.*

3.0.26-1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_name": "libresteasy3.0-java",
            "binary_version": "3.0.26-1ubuntu0.1~esm1"
        }
    ]
}

Ubuntu:22.04:LTS / resteasy

Package

Name: resteasy
Purl: pkg:deb/ubuntu/resteasy@3.6.2-2?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.6.2-2

Ubuntu:22.04:LTS / resteasy3.0

Package

Name: resteasy3.0
Purl: pkg:deb/ubuntu/resteasy3.0@3.0.26-2?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.0.26-2

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "libresteasy3.0-java",
            "binary_version": "3.0.26-2"
        }
    ]
}

Ubuntu:Pro:22.04:LTS / resteasy

Package

Name: resteasy
Purl: pkg:deb/ubuntu/resteasy@3.6.2-2ubuntu0.22.04.1~esm1?arch=source&distro=esm-apps/jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.2-2ubuntu0.22.04.1~esm1

Affected versions

3.*

3.6.2-2

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_name": "libresteasy-java",
            "binary_version": "3.6.2-2ubuntu0.22.04.1~esm1"
        }
    ]
}

Ubuntu:24.04:LTS / resteasy

Package

Name: resteasy
Purl: pkg:deb/ubuntu/resteasy@3.6.2-2?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.6.2-2

Ubuntu:Pro:24.04:LTS / resteasy

Package

Name: resteasy
Purl: pkg:deb/ubuntu/resteasy@3.6.2-2ubuntu0.24.04.1~esm1?arch=source&distro=esm-apps/noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.2-2ubuntu0.24.04.1~esm1

Affected versions

3.*

3.6.2-2

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_name": "libresteasy-java",
            "binary_version": "3.6.2-2ubuntu0.24.04.1~esm1"
        }
    ]
}

Ubuntu:25.04 / resteasy

Package

Name: resteasy
Purl: pkg:deb/ubuntu/resteasy@3.6.2-3ubuntu0.25.04.1?arch=source&distro=plucky

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.2-3ubuntu0.25.04.1

Affected versions

3.*

3.6.2-2

3.6.2-3

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "libresteasy-java",
            "binary_version": "3.6.2-3ubuntu0.25.04.1"
        }
    ]
}