VulnerableCode Package Details - pkg:maven/org.jboss.resteasy/resteasy-bom@4.5.6.Final

Search for packages

Vulnerability	Summary	Fixed by
VCID-dww4-f31f-h7az Aliases: CVE-2021-20293 GHSA-5h26-c766-g93v	A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it did not properly handle URL encoding when calling @javax.ws.rs.PathParam without any @Produces MediaType. This flaw allows an attacker to launch a reflected XSS attack. The highest threat from this vulnerability is to data confidentiality and integrity.	4.6.1.Alpha1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-dww4-f31f-h7az
Aliases:
CVE-2021-20293
GHSA-5h26-c766-g93v

A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it did not properly handle URL encoding when calling @javax.ws.rs.PathParam without any @Produces MediaType. This flaw allows an attacker to launch a reflected XSS attack. The highest threat from this vulnerability is to data confidentiality and integrity.

4.6.1.Alpha1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-6265-k551-gyfv	Uncontrolled Resource Consumption A vulnerability was found in RESTEasy, where RootNode incorrectly caches routes. This issue results in hash flooding, leading to slower requests with higher CPU time spent searching and adding the entry. This flaw allows an attacker to cause a denial of service.	CVE-2020-14326 GHSA-37g7-8vjj-pjpj

Vulnerability

Summary

Aliases

VCID-6265-k551-gyfv

Uncontrolled Resource Consumption A vulnerability was found in RESTEasy, where RootNode incorrectly caches routes. This issue results in hash flooding, leading to slower requests with higher CPU time spent searching and adding the entry. This flaw allows an attacker to cause a denial of service.

CVE-2020-14326
GHSA-37g7-8vjj-pjpj

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T21:43:11.558573+00:00	GitLab Importer	Fixing	VCID-6265-k551-gyfv	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jboss.resteasy/resteasy-bom/CVE-2020-14326.yml	38.4.0
2026-04-16T21:26:13.588457+00:00	GitLab Importer	Affected by	VCID-dww4-f31f-h7az	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jboss.resteasy/resteasy-bom/CVE-2021-20293.yml	38.4.0
2026-04-11T22:58:46.283996+00:00	GitLab Importer	Fixing	VCID-6265-k551-gyfv	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jboss.resteasy/resteasy-bom/CVE-2020-14326.yml	38.3.0
2026-04-11T22:39:05.735923+00:00	GitLab Importer	Affected by	VCID-dww4-f31f-h7az	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jboss.resteasy/resteasy-bom/CVE-2021-20293.yml	38.3.0
2026-04-02T23:07:32.475273+00:00	GitLab Importer	Fixing	VCID-6265-k551-gyfv	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jboss.resteasy/resteasy-bom/CVE-2020-14326.yml	38.1.0
2026-04-02T22:49:42.221179+00:00	GitLab Importer	Affected by	VCID-dww4-f31f-h7az	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jboss.resteasy/resteasy-bom/CVE-2021-20293.yml	38.1.0
2026-04-01T17:07:37.719543+00:00	GitLab Importer	Affected by	VCID-dww4-f31f-h7az	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jboss.resteasy/resteasy-bom/CVE-2021-20293.yml	38.0.0
2026-04-01T16:00:09.167113+00:00	GHSA Importer	Fixing	VCID-6265-k551-gyfv	https://github.com/advisories/GHSA-37g7-8vjj-pjpj	38.0.0
2026-04-01T13:06:50.195300+00:00	GithubOSV Importer	Fixing	VCID-6265-k551-gyfv	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/03/GHSA-37g7-8vjj-pjpj/GHSA-37g7-8vjj-pjpj.json	38.0.0
2026-04-01T12:49:43.545921+00:00	GitLab Importer	Fixing	VCID-6265-k551-gyfv	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jboss.resteasy/resteasy-bom/CVE-2020-14326.yml	38.0.0