Search for packages
| purl | pkg:maven/org.jboss.resteasy/resteasy-jaxb-provider@2.2.2.GA |
| Next non-vulnerable version | 3.0.9.Final |
| Latest non-vulnerable version | 3.0.9.Final |
| Risk | 3.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-q1bb-9urq-77gy
Aliases: CVE-2011-5245 GHSA-g4jg-gpwv-p7wv |
Exposure of Sensitive Information to an Unauthorized Actor in RESTEasy The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding (JAXB) input, aka an XML external entity (XXE) injection attack, a similar vulnerability to CVE-2012-0818. |
Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T21:53:44.786067+00:00 | GitLab Importer | Affected by | VCID-q1bb-9urq-77gy | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jboss.resteasy/resteasy-jaxb-provider/CVE-2011-5245.yml | 38.4.0 |
| 2026-04-11T23:09:09.854835+00:00 | GitLab Importer | Affected by | VCID-q1bb-9urq-77gy | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jboss.resteasy/resteasy-jaxb-provider/CVE-2011-5245.yml | 38.3.0 |
| 2026-04-02T23:17:52.869223+00:00 | GitLab Importer | Affected by | VCID-q1bb-9urq-77gy | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jboss.resteasy/resteasy-jaxb-provider/CVE-2011-5245.yml | 38.1.0 |
| 2026-04-01T17:38:07.562070+00:00 | GitLab Importer | Affected by | VCID-q1bb-9urq-77gy | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jboss.resteasy/resteasy-jaxb-provider/CVE-2011-5245.yml | 38.0.0 |