Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.jboss.resteasy/resteasy-client-microprofile@3.9.3.SP1

Type maven

Namespace org.jboss.resteasy

Name resteasy-client-microprofile

Version 3.9.3.SP1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 4.5.7.Final

Latest_non_vulnerable_version 4.5.7.Final

Affected_by_vulnerabilities

url VCID-kzsn-ccve-m7df

vulnerability_id VCID-kzsn-ccve-m7df

summary A flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. It may allow client users to obtain the server's potentially sensitive information when the server got WebApplicationException from the RESTEasy client call. The highest threat from this vulnerability is to data confidentiality.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25633.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25633.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25633

reference_id

reference_type

scores

value	0.00193
scoring_system	epss
scoring_elements	0.4118
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25633

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25633

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25633

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25633
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25633

reference_url

https://github.com/resteasy/Resteasy/pull/2665/commits/13c808b5967242eec1e877edbc0014a84dcd6eb0

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/Resteasy/pull/2665/commits/13c808b5967242eec1e877edbc0014a84dcd6eb0

reference_url

https://issues.redhat.com/browse/RESTEASY-2820

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.redhat.com/browse/RESTEASY-2820

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-25633

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-25633

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014983
reference_id	1014983
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014983

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1879042
reference_id	1879042
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1879042

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970585
reference_id	970585
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970585

reference_url	https://github.com/advisories/GHSA-hr32-mgpm-qf2f
reference_id	GHSA-hr32-mgpm-qf2f
reference_type
scores
url	https://github.com/advisories/GHSA-hr32-mgpm-qf2f

reference_url	https://access.redhat.com/errata/RHSA-2021:0246
reference_id	RHSA-2021:0246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0246

reference_url	https://access.redhat.com/errata/RHSA-2021:0247
reference_id	RHSA-2021:0247
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0247

reference_url	https://access.redhat.com/errata/RHSA-2021:0248
reference_id	RHSA-2021:0248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0248

reference_url	https://access.redhat.com/errata/RHSA-2021:0250
reference_id	RHSA-2021:0250
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0250

reference_url	https://access.redhat.com/errata/RHSA-2021:0295
reference_id	RHSA-2021:0295
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0295

reference_url	https://access.redhat.com/errata/RHSA-2021:0327
reference_id	RHSA-2021:0327
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0327

reference_url	https://access.redhat.com/errata/RHSA-2021:1004
reference_id	RHSA-2021:1004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1004

reference_url	https://access.redhat.com/errata/RHSA-2021:1313
reference_id	RHSA-2021:1313
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1313

reference_url	https://access.redhat.com/errata/RHSA-2021:2858
reference_id	RHSA-2021:2858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2858

reference_url	https://access.redhat.com/errata/RHSA-2021:3140
reference_id	RHSA-2021:3140
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3140

reference_url	https://usn.ubuntu.com/7351-1/
reference_id	USN-7351-1
reference_type
scores
url	https://usn.ubuntu.com/7351-1/

reference_url	https://usn.ubuntu.com/7630-1/
reference_id	USN-7630-1
reference_type
scores
url	https://usn.ubuntu.com/7630-1/

fixed_packages

url pkg:maven/org.jboss.resteasy/resteasy-client-microprofile@3.14.0.Final

purl pkg:maven/org.jboss.resteasy/resteasy-client-microprofile@3.14.0.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kzsn-ccve-m7df

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-client-microprofile@3.14.0.Final

url	pkg:maven/org.jboss.resteasy/resteasy-client-microprofile@4.5.7.Final
purl	pkg:maven/org.jboss.resteasy/resteasy-client-microprofile@4.5.7.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-client-microprofile@4.5.7.Final

aliases CVE-2020-25633, GHSA-hr32-mgpm-qf2f

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kzsn-ccve-m7df

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-client-microprofile@3.9.3.SP1

Package Instance