| Summary: | resteasy new security issue CVE-2020-25633 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | Java Stack Maintainers <java> |
| Status: | NEW --- | QA Contact: | Sec team <security> |
| Severity: | major | ||
| Priority: | Normal | CC: | geiger.david68210, zombie_ryushu |
| Version: | Cauldron | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA9TOO | ||
| Source RPM: | resteasy-3.0.26-1.mga8.src.rpm | CVE: | CVE-2020-25633 |
| Status comment: | No fix available as of end of 2020 | ||
| Bug Depends on: | 27794 | ||
| Bug Blocks: | 24817 | ||
|
Description
David Walser
2020-12-05 14:37:23 CET
David Walser
2020-12-05 14:37:52 CET
CC:
(none) =>
zombie_ryushu
David Walser
2020-12-05 14:38:05 CET
Blocks:
24817 =>
(none)
David Walser
2020-12-05 14:38:20 CET
Blocks:
(none) =>
24817
David Walser
2020-12-09 23:55:52 CET
Depends on:
(none) =>
27794
David Walser
2020-12-27 22:32:47 CET
Status comment:
(none) =>
No fix available as of end of 2020
David Walser
2020-12-28 17:10:13 CET
Whiteboard:
MGA7TOO =>
MGA8TOO, MGA7TOO A flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. It may allow client users to obtain the server's potentially sensitive information when the server got WebApplicationException from the RESTEasy client call. The highest threat from this vulnerability is to data confidentiality. CVE:
(none) =>
CVE-2020-25633 Removing Mageia 7 from whiteboard due to EOL: https://blog.mageia.org/en/2021/06/08/mageia-7-will-reach-end-of-support-on-30th-of-june-the-king-is-dead-long-live-the-king/ Whiteboard:
MGA8TOO, MGA7TOO =>
MGA8TOO Removing Mageia 8 from whiteboard due to EOL. Whiteboard:
MGA8TOO =>
MGA9TOO |