Search for packages
| purl | pkg:maven/org.jboss.resteasy/resteasy-bom@4.6.1.Alpha1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-dww4-f31f-h7az | A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it did not properly handle URL encoding when calling @javax.ws.rs.PathParam without any @Produces MediaType. This flaw allows an attacker to launch a reflected XSS attack. The highest threat from this vulnerability is to data confidentiality and integrity. |
CVE-2021-20293
GHSA-5h26-c766-g93v |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T21:26:13.619913+00:00 | GitLab Importer | Fixing | VCID-dww4-f31f-h7az | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jboss.resteasy/resteasy-bom/CVE-2021-20293.yml | 38.4.0 |
| 2026-04-11T22:39:05.772072+00:00 | GitLab Importer | Fixing | VCID-dww4-f31f-h7az | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jboss.resteasy/resteasy-bom/CVE-2021-20293.yml | 38.3.0 |
| 2026-04-02T22:49:42.254074+00:00 | GitLab Importer | Fixing | VCID-dww4-f31f-h7az | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jboss.resteasy/resteasy-bom/CVE-2021-20293.yml | 38.1.0 |
| 2026-04-01T17:07:37.765959+00:00 | GitLab Importer | Fixing | VCID-dww4-f31f-h7az | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jboss.resteasy/resteasy-bom/CVE-2021-20293.yml | 38.0.0 |