Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.jboss.resteasy/resteasy-jaxrs@1.2.1.GA

Type maven

Namespace org.jboss.resteasy

Name resteasy-jaxrs

Version 1.2.1.GA

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.3.1

Latest_non_vulnerable_version 4.7.0.Final

Affected_by_vulnerabilities

url VCID-df6d-zkkc-nug5

vulnerability_id VCID-df6d-zkkc-nug5

summary

Information Exposure Through an Error Message
A flaw was found in RESTEasy where the endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The highest threat from this vulnerability is to data confidentiality.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20289.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20289.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20289

reference_id

reference_type

scores

value	0.00084
scoring_system	epss
scoring_elements	0.24458
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20289

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1935927

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1935927

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1941544

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1941544

reference_url

https://issues.redhat.com/browse/RESTEASY-2843

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.redhat.com/browse/RESTEASY-2843

reference_url

https://security.netapp.com/advisory/ntap-20210528-0008

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210528-0008

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-20289

reference_id

CVE-2021-20289

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-20289

reference_url	https://access.redhat.com/errata/RHSA-2021:3700
reference_id	RHSA-2021:3700
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3700

reference_url	https://access.redhat.com/errata/RHSA-2021:3880
reference_id	RHSA-2021:3880
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3880

reference_url	https://access.redhat.com/errata/RHSA-2021:4100
reference_id	RHSA-2021:4100
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4100

reference_url	https://access.redhat.com/errata/RHSA-2021:4676
reference_id	RHSA-2021:4676
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4676

reference_url	https://access.redhat.com/errata/RHSA-2021:4677
reference_id	RHSA-2021:4677
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4677

reference_url	https://access.redhat.com/errata/RHSA-2021:4679
reference_id	RHSA-2021:4679
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4679

reference_url	https://access.redhat.com/errata/RHSA-2021:4767
reference_id	RHSA-2021:4767
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4767

reference_url	https://access.redhat.com/errata/RHSA-2021:5149
reference_id	RHSA-2021:5149
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5149

reference_url	https://access.redhat.com/errata/RHSA-2021:5150
reference_id	RHSA-2021:5150
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5150

reference_url	https://access.redhat.com/errata/RHSA-2021:5151
reference_id	RHSA-2021:5151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5151

reference_url	https://access.redhat.com/errata/RHSA-2021:5154
reference_id	RHSA-2021:5154
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5154

reference_url	https://access.redhat.com/errata/RHSA-2021:5170
reference_id	RHSA-2021:5170
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5170

reference_url	https://access.redhat.com/errata/RHSA-2022:0146
reference_id	RHSA-2022:0146
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0146

reference_url	https://access.redhat.com/errata/RHSA-2022:0151
reference_id	RHSA-2022:0151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0151

reference_url	https://access.redhat.com/errata/RHSA-2022:0152
reference_id	RHSA-2022:0152
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0152

reference_url	https://access.redhat.com/errata/RHSA-2022:0155
reference_id	RHSA-2022:0155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0155

reference_url	https://access.redhat.com/errata/RHSA-2022:0164
reference_id	RHSA-2022:0164
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0164

reference_url	https://access.redhat.com/errata/RHSA-2022:1179
reference_id	RHSA-2022:1179
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1179

reference_url	https://access.redhat.com/errata/RHSA-2022:6407
reference_id	RHSA-2022:6407
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6407

fixed_packages

url pkg:maven/org.jboss.resteasy/resteasy-jaxrs@3.11.5.Final

purl pkg:maven/org.jboss.resteasy/resteasy-jaxrs@3.11.5.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fz1g-gucy-guhv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-jaxrs@3.11.5.Final

url	pkg:maven/org.jboss.resteasy/resteasy-jaxrs@3.15.2.Final
purl	pkg:maven/org.jboss.resteasy/resteasy-jaxrs@3.15.2.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-jaxrs@3.15.2.Final

url	pkg:maven/org.jboss.resteasy/resteasy-jaxrs@4.5.10.Final
purl	pkg:maven/org.jboss.resteasy/resteasy-jaxrs@4.5.10.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-jaxrs@4.5.10.Final

url	pkg:maven/org.jboss.resteasy/resteasy-jaxrs@4.7.0.Final
purl	pkg:maven/org.jboss.resteasy/resteasy-jaxrs@4.7.0.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-jaxrs@4.7.0.Final

aliases CVE-2021-20289, GHSA-244r-fcj3-ghjq

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-df6d-zkkc-nug5

url VCID-fz1g-gucy-guhv

vulnerability_id VCID-fz1g-gucy-guhv

summary

Information Exposure Through an Error Message
A flaw was found in RESTEasy client. It may allow client users to obtain the server's potentially sensitive information when the server got `WebApplicationException` from the RESTEasy client call. The highest threat from this vulnerability is to data confidentiality.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25633.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25633.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25633

reference_id

reference_type

scores

value	0.00193
scoring_system	epss
scoring_elements	0.41095
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25633

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25633

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25633

reference_url

https://github.com/resteasy/Resteasy/pull/2665/commits/13c808b5967242eec1e877edbc0014a84dcd6eb0

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/Resteasy/pull/2665/commits/13c808b5967242eec1e877edbc0014a84dcd6eb0

reference_url

https://issues.redhat.com/browse/RESTEASY-2820

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.redhat.com/browse/RESTEASY-2820

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014983
reference_id	1014983
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014983

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1879042
reference_id	1879042
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1879042

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970585
reference_id	970585
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970585

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-25633

reference_id

CVE-2020-25633

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-25633

reference_url	https://github.com/advisories/GHSA-hr32-mgpm-qf2f
reference_id	GHSA-hr32-mgpm-qf2f
reference_type
scores
url	https://github.com/advisories/GHSA-hr32-mgpm-qf2f

reference_url	https://access.redhat.com/errata/RHSA-2021:0246
reference_id	RHSA-2021:0246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0246

reference_url	https://access.redhat.com/errata/RHSA-2021:0247
reference_id	RHSA-2021:0247
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0247

reference_url	https://access.redhat.com/errata/RHSA-2021:0248
reference_id	RHSA-2021:0248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0248

reference_url	https://access.redhat.com/errata/RHSA-2021:0250
reference_id	RHSA-2021:0250
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0250

reference_url	https://access.redhat.com/errata/RHSA-2021:0295
reference_id	RHSA-2021:0295
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0295

reference_url	https://access.redhat.com/errata/RHSA-2021:0327
reference_id	RHSA-2021:0327
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0327

reference_url	https://access.redhat.com/errata/RHSA-2021:1004
reference_id	RHSA-2021:1004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1004

reference_url	https://access.redhat.com/errata/RHSA-2021:1313
reference_id	RHSA-2021:1313
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1313

reference_url	https://access.redhat.com/errata/RHSA-2021:2858
reference_id	RHSA-2021:2858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2858

reference_url	https://access.redhat.com/errata/RHSA-2021:3140
reference_id	RHSA-2021:3140
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3140

fixed_packages

url	pkg:maven/org.jboss.resteasy/resteasy-jaxrs@3.14.0.Final
purl	pkg:maven/org.jboss.resteasy/resteasy-jaxrs@3.14.0.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-jaxrs@3.14.0.Final

aliases CVE-2020-25633, GHSA-hr32-mgpm-qf2f

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fz1g-gucy-guhv

url VCID-gxga-8ssu-aqbq

vulnerability_id VCID-gxga-8ssu-aqbq

summary

Cross-site Scripting
Cross-site scripting (XSS) vulnerability in the default exception handler in RESTEasy allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6347.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6347.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-6347

reference_id

reference_type

scores

value	0.00093
scoring_system	epss
scoring_elements	0.26066
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-6347

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1372124

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1372124

reference_url

http://www.securityfocus.com/bid/92759

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/92759

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837170
reference_id	837170
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837170

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-6347

reference_id

CVE-2016-6347

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-6347

fixed_packages

url pkg:maven/org.jboss.resteasy/resteasy-jaxrs@3.1.0.Final

purl pkg:maven/org.jboss.resteasy/resteasy-jaxrs@3.1.0.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-df6d-zkkc-nug5

vulnerability	VCID-fz1g-gucy-guhv

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-jaxrs@3.1.0.Final

aliases CVE-2016-6347, GHSA-r346-rmrg-qpgh

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gxga-8ssu-aqbq

url VCID-rq78-91tu-j7cc

vulnerability_id VCID-rq78-91tu-j7cc

summary

Information Exposure
RESTEasy allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity (XXE) injection attack.

references

reference_url

http://rhn.redhat.com/errata/RHSA-2012-0441.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2012-0441.html

reference_url

http://rhn.redhat.com/errata/RHSA-2012-0519.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2012-0519.html

reference_url

http://rhn.redhat.com/errata/RHSA-2012-1056.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2012-1056.html

reference_url

http://rhn.redhat.com/errata/RHSA-2012-1057.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2012-1057.html

reference_url

http://rhn.redhat.com/errata/RHSA-2012-1058.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2012-1058.html

reference_url

http://rhn.redhat.com/errata/RHSA-2012-1059.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2012-1059.html

reference_url

http://rhn.redhat.com/errata/RHSA-2012-1125.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2012-1125.html

reference_url

http://rhn.redhat.com/errata/RHSA-2014-0371.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2014-0371.html

reference_url

http://rhn.redhat.com/errata/RHSA-2014-0372.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2014-0372.html

reference_url

https://access.redhat.com/errata/RHSA-2012:0421

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2012:0421

reference_url

https://access.redhat.com/errata/RHSA-2012:0441

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2012:0441

reference_url

https://access.redhat.com/errata/RHSA-2012:0519

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2012:0519

reference_url

https://access.redhat.com/errata/RHSA-2012:1056

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2012:1056

reference_url

https://access.redhat.com/errata/RHSA-2012:1057

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2012:1057

reference_url

https://access.redhat.com/errata/RHSA-2012:1058

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2012:1058

reference_url

https://access.redhat.com/errata/RHSA-2012:1059

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2012:1059

reference_url

https://access.redhat.com/errata/RHSA-2012:1125

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2012:1125

reference_url

https://access.redhat.com/errata/RHSA-2013:1263

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2013:1263

reference_url

https://access.redhat.com/errata/RHSA-2014:0371

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2014:0371

reference_url

https://access.redhat.com/errata/RHSA-2014:0372

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2014:0372

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0818.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0818.json

reference_url

https://access.redhat.com/security/cve/CVE-2012-0818

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2012-0818

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0818

reference_id

reference_type

scores

value	0.01376
scoring_system	epss
scoring_elements	0.80588
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0818

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=785631

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=785631

reference_url

https://exchange.xforce.ibmcloud.com/vulnerabilities/72808

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://exchange.xforce.ibmcloud.com/vulnerabilities/72808

reference_url

https://github.com/resteasy/Resteasy

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/Resteasy

reference_url

https://github.com/resteasy/resteasy/commit/71ace879cf92d323bfa4d3e88db0c3059109bbf6

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/commit/71ace879cf92d323bfa4d3e88db0c3059109bbf6

reference_url

https://issues.jboss.org/browse/RESTEASY-637

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.jboss.org/browse/RESTEASY-637

reference_url	https://issues.jboss.org/browse/RESTEASY-647
reference_id
reference_type
scores
url	https://issues.jboss.org/browse/RESTEASY-647

reference_url	https://issues.jboss.org/browse/RESTEASY-659
reference_id
reference_type
scores
url	https://issues.jboss.org/browse/RESTEASY-659

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-0818

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2012-0818

reference_url

https://web.archive.org/web/20200229044434/http://www.securityfocus.com/bid/51748

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200229044434/http://www.securityfocus.com/bid/51748

reference_url

https://web.archive.org/web/20200229045254/https://www.securityfocus.com/bid/51766

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200229045254/https://www.securityfocus.com/bid/51766

fixed_packages

url pkg:maven/org.jboss.resteasy/resteasy-jaxrs@2.3.1.GA

purl pkg:maven/org.jboss.resteasy/resteasy-jaxrs@2.3.1.GA

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-df6d-zkkc-nug5

vulnerability	VCID-fz1g-gucy-guhv

vulnerability	VCID-gxga-8ssu-aqbq

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-jaxrs@2.3.1.GA

url	pkg:maven/org.jboss.resteasy/resteasy-jaxrs@2.3.1
purl	pkg:maven/org.jboss.resteasy/resteasy-jaxrs@2.3.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-jaxrs@2.3.1

aliases CVE-2012-0818, GHSA-wrrh-g7h3-gqmx

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rq78-91tu-j7cc

Fixing_vulnerabilities

url VCID-pj5d-vfar-q7ac

vulnerability_id VCID-pj5d-vfar-q7ac

summary

Uncontrolled Resource Consumption
RESTEasy enables `GZIPInterceptor`, which allows remote attackers to cause a denial of service via unspecified vectors.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6346.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6346.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-6346

reference_id

reference_type

scores

value	0.01184
scoring_system	epss
scoring_elements	0.79116
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-6346

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1372120

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1372120

reference_url

https://github.com/resteasy/Resteasy

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/Resteasy

reference_url

https://github.com/resteasy/resteasy/pull/1303

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/pull/1303

reference_url

https://issues.jboss.org/browse/JBEAP-11180

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://issues.jboss.org/browse/JBEAP-11180

reference_url

http://www.securityfocus.com/bid/92744

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/92744

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837170
reference_id	837170
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837170

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-6346

reference_id

CVE-2016-6346

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-6346

reference_url	https://access.redhat.com/errata/RHSA-2017:0517
reference_id	RHSA-2017:0517
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0517

reference_url	https://access.redhat.com/errata/RHSA-2017:0826
reference_id	RHSA-2017:0826
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0826

reference_url	https://access.redhat.com/errata/RHSA-2017:0827
reference_id	RHSA-2017:0827
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0827

reference_url	https://access.redhat.com/errata/RHSA-2017:0828
reference_id	RHSA-2017:0828
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0828

reference_url	https://access.redhat.com/errata/RHSA-2017:0829
reference_id	RHSA-2017:0829
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0829

fixed_packages

url pkg:maven/org.jboss.resteasy/resteasy-jaxrs@1.2.1.GA

purl pkg:maven/org.jboss.resteasy/resteasy-jaxrs@1.2.1.GA

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-df6d-zkkc-nug5

vulnerability	VCID-fz1g-gucy-guhv

vulnerability	VCID-gxga-8ssu-aqbq

vulnerability	VCID-rq78-91tu-j7cc

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-jaxrs@1.2.1.GA

url pkg:maven/org.jboss.resteasy/resteasy-jaxrs@3.0.20.Final

purl pkg:maven/org.jboss.resteasy/resteasy-jaxrs@3.0.20.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-df6d-zkkc-nug5

vulnerability	VCID-fz1g-gucy-guhv

vulnerability	VCID-gxga-8ssu-aqbq

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-jaxrs@3.0.20.Final

aliases CVE-2016-6346, GHSA-wxvr-vqfp-9cqw

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pj5d-vfar-q7ac

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-jaxrs@1.2.1.GA

Package Instance