VulnerableCode Package Details - pkg:deb/debian/resteasy3.0@3.0.26-1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-17rd-f1mq-kfgr	Exposure of Sensitive Information to an Unauthorized Actor RESTEasy allows remote authenticated users to obtain sensitive information by leveraging "insufficient use of random values" in async jobs.	CVE-2016-6345 GHSA-vxhj-3x7p-jxp5
VCID-6qhb-4jya-hffz	Inconsistent Interpretation of HTTP Requests in Red Hat JBoss EAP Red Hat JBoss EAP version 3.0.7.Final until 3.0.25.Final, 3.5.0.CR1, and 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.	CVE-2017-7561 GHSA-57q5-x8jf-g7h8
VCID-7uh1-a5ng-rqch	JacksonJsonpInterceptor susceptible to cross-site script inclusion (XSSI) attack JacksonJsonpInterceptor in RESTEasy might allow remote attackers to conduct a cross-site script inclusion (XSSI) attack.	CVE-2016-6348 GHSA-9xfc-j5mf-9w5p
VCID-jms5-sctw-mkc5	Cross-site Scripting Cross-site scripting (XSS) vulnerability in the default exception handler in RESTEasy allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.	CVE-2016-6347 GHSA-r346-rmrg-qpgh
VCID-p3uc-ee2b-fff5	Improper Input Validation JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions.	CVE-2016-9606 GHSA-hgjr-xwj3-jfvw
VCID-wbgc-tuj3-47by	Uncontrolled Resource Consumption RESTEasy enables `GZIPInterceptor`, which allows remote attackers to cause a denial of service via unspecified vectors.	CVE-2016-6346 GHSA-wxvr-vqfp-9cqw

Vulnerability

Summary

Aliases

VCID-17rd-f1mq-kfgr

Exposure of Sensitive Information to an Unauthorized Actor RESTEasy allows remote authenticated users to obtain sensitive information by leveraging "insufficient use of random values" in async jobs.

CVE-2016-6345
GHSA-vxhj-3x7p-jxp5

VCID-6qhb-4jya-hffz

Inconsistent Interpretation of HTTP Requests in Red Hat JBoss EAP Red Hat JBoss EAP version 3.0.7.Final until 3.0.25.Final, 3.5.0.CR1, and 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact.

CVE-2017-7561
GHSA-57q5-x8jf-g7h8

VCID-7uh1-a5ng-rqch

JacksonJsonpInterceptor susceptible to cross-site script inclusion (XSSI) attack JacksonJsonpInterceptor in RESTEasy might allow remote attackers to conduct a cross-site script inclusion (XSSI) attack.

CVE-2016-6348
GHSA-9xfc-j5mf-9w5p

VCID-jms5-sctw-mkc5

Cross-site Scripting Cross-site scripting (XSS) vulnerability in the default exception handler in RESTEasy allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2016-6347
GHSA-r346-rmrg-qpgh

VCID-p3uc-ee2b-fff5

Improper Input Validation JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions.

CVE-2016-9606
GHSA-hgjr-xwj3-jfvw

VCID-wbgc-tuj3-47by

Uncontrolled Resource Consumption RESTEasy enables `GZIPInterceptor`, which allows remote attackers to cause a denial of service via unspecified vectors.

CVE-2016-6346
GHSA-wxvr-vqfp-9cqw

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T13:31:23.414825+00:00	Debian Importer	Fixing	VCID-17rd-f1mq-kfgr	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T13:18:03.480271+00:00	Debian Importer	Fixing	VCID-p3uc-ee2b-fff5	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:15:37.952255+00:00	Debian Importer	Fixing	VCID-jms5-sctw-mkc5	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:09:56.499341+00:00	Debian Importer	Fixing	VCID-6qhb-4jya-hffz	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:01:26.954125+00:00	Debian Importer	Fixing	VCID-wbgc-tuj3-47by	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:37:44.103534+00:00	Debian Importer	Fixing	VCID-7uh1-a5ng-rqch	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T09:20:01.674506+00:00	Debian Importer	Fixing	VCID-17rd-f1mq-kfgr	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T09:09:44.030864+00:00	Debian Importer	Fixing	VCID-p3uc-ee2b-fff5	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:23:07.575075+00:00	Debian Importer	Fixing	VCID-jms5-sctw-mkc5	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:08:09.105972+00:00	Debian Importer	Fixing	VCID-6qhb-4jya-hffz	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:03:02.118787+00:00	Debian Importer	Fixing	VCID-wbgc-tuj3-47by	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:48:11.778485+00:00	Debian Importer	Fixing	VCID-7uh1-a5ng-rqch	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:52:02.518691+00:00	Debian Importer	Fixing	VCID-6qhb-4jya-hffz	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:52:02.487607+00:00	Debian Importer	Fixing	VCID-p3uc-ee2b-fff5	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:52:02.432717+00:00	Debian Importer	Fixing	VCID-7uh1-a5ng-rqch	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:52:02.405335+00:00	Debian Importer	Fixing	VCID-jms5-sctw-mkc5	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:52:02.378116+00:00	Debian Importer	Fixing	VCID-wbgc-tuj3-47by	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:52:02.350204+00:00	Debian Importer	Fixing	VCID-17rd-f1mq-kfgr	https://security-tracker.debian.org/tracker/data/json	38.1.0