Package "resteasy3.0"
Name: |
resteasy3.0
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- RESTEasy 3.0 -- Framework for RESTful Web services and Java applications
|
Latest version: |
3.0.26-6ubuntu0.24.04.1 |
Release: |
noble (24.04) |
Level: |
security |
Repository: |
universe |
Links
Other versions of "resteasy3.0" in Noble
Packages in group
Deleted packages are displayed in grey.
Changelog
resteasy3.0 (3.0.26-6ubuntu0.24.04.1) noble-security; urgency=medium
* SECURITY UPDATE: Several vulnerabilities and information disclosures
- CVE-2021-20289.patch: Endpoint information unexpectedly disclosed
- CVE-2023-0482.patch: Temporary files created with insecure permissions
- CVE-2024-9622.patch: Denial of service through failed http decoder state
- switch-to-java-8.patch: Allows using newer languages futures in patches
- pre-CVE-2020-25633.patch: Ajustments to CVE-2020-25633 backport
- CVE-2020-25633.patch: Server information disclosure during exception
-- Noam Nedelec-Salmon <email address hidden> Mon, 07 Jul 2025 13:24:41 +0200
|
CVE-2021-20289 |
A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception |
CVE-2023-0482 |
In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files |
CVE-2024-9622 |
A vulnerability was found in the resteasy-netty4 library arising from improper handling of HTTP requests using smuggling techniques. When an HTTP smu |
CVE-2020-25633 |
A flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. It may allow client users to obtain the server's potentially sensi |
|
About
-
Send Feedback to @ubuntu_updates