Vulnerabilities > Redhat > Resteasy > 3.11.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-10 | CVE-2021-20293 | A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it did not properly handle URL encoding when calling @javax.ws.rs.PathParam without any @Produces MediaType. | 6.1 |
| 2021-03-26 | CVE-2021-20289 | A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. | 5.3 |
| 2020-09-18 | CVE-2020-25633 | Information Exposure Through an Error Message vulnerability in multiple products A flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. | 5.3 |
| 2020-05-19 | CVE-2020-1695 | A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final and all resteasy 4.x.x versions prior to 4.6.0.Final, where an improper input validation results in returning an illegal header that integrates into the server's response. | 7.5 |