OESA-2021-1171
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1171
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2021-1171.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2021-1171
- Upstream
- Published
- 2021-05-06T11:02:52Z
- Modified
- 2025-08-12T05:07:03.985017Z
- Summary
- resteasy security update
- Details
-
%global desc \ RESTEasy contains a JBoss project that provides frameworks to help\ build RESTful Web Services and RESTful Java applications. It is a fully\ certified and portable implementation of the JAX-RS specification. %{desc} %global extdesc %{desc}\ \ This package contains
Security Fix(es):
A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The highest threat from this vulnerability is to data confidentiality.(CVE-2021-20289)
- Database specific
{ "severity": "Medium" }- References
Affected packages
openEuler:20.03-LTS-SP1 / resteasy
Package
- Name
- resteasy
- Purl
- pkg:rpm/openEuler/resteasy&distro=openEuler-20.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.19-3.oe1
Ecosystem specific
{
"src": [
"resteasy-3.0.19-3.oe1.src.rpm"
],
"noarch": [
"resteasy-netty3-3.0.19-3.oe1.noarch.rpm",
"resteasy-atom-provider-3.0.19-3.oe1.noarch.rpm",
"resteasy-3.0.19-3.oe1.noarch.rpm",
"resteasy-client-3.0.19-3.oe1.noarch.rpm",
"resteasy-jackson2-provider-3.0.19-3.oe1.noarch.rpm",
"resteasy-jackson-provider-3.0.19-3.oe1.noarch.rpm",
"resteasy-jettison-provider-3.0.19-3.oe1.noarch.rpm",
"resteasy-test-3.0.19-3.oe1.noarch.rpm",
"resteasy-yaml-provider-3.0.19-3.oe1.noarch.rpm",
"resteasy-core-3.0.19-3.oe1.noarch.rpm",
"resteasy-multipart-provider-3.0.19-3.oe1.noarch.rpm",
"resteasy-validator-provider-11-3.0.19-3.oe1.noarch.rpm",
"resteasy-jaxb-provider-3.0.19-3.oe1.noarch.rpm",
"resteasy-optional-3.0.19-3.oe1.noarch.rpm",
"resteasy-javadoc-3.0.19-3.oe1.noarch.rpm",
"resteasy-json-p-provider-3.0.19-3.oe1.noarch.rpm"
]
}