VulnerableCode Package Details - pkg:rpm/redhat/resteasy@1.2.1-10.CP02

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:rpm/redhat/resteasy@1.2.1-10.CP02_patch01.1.ep5?arch=el4

purl	pkg:rpm/redhat/resteasy@1.2.1-10.CP02_patch01.1.ep5?arch=el4

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	3.1

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-hqb2-4hwy-mkg6 Aliases: CVE-2012-0818 GHSA-wrrh-g7h3-gqmx	Information Exposure RESTEasy allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity (XXE) injection attack.	There are no reported fixed by versions.
VCID-q1bb-9urq-77gy Aliases: CVE-2011-5245 GHSA-g4jg-gpwv-p7wv	Exposure of Sensitive Information to an Unauthorized Actor in RESTEasy The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding (JAXB) input, aka an XML external entity (XXE) injection attack, a similar vulnerability to CVE-2012-0818.	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T14:56:07.484666+00:00	RedHat Importer	Affected by	VCID-hqb2-4hwy-mkg6	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0818.json	38.0.0
2026-04-01T14:56:07.380063+00:00	RedHat Importer	Affected by	VCID-q1bb-9urq-77gy	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5245.json	38.0.0