CVE-2020-25633
Description
A flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. It may allow client users to obtain the servers potentially sensitive information when the server got WebApplicationException from the RESTEasy client call. The highest threat from this vulnerability is to data confidentiality.
Risk Information
Base Score
5.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
0.276
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2020-25633 are fixed in JBoss-resteasy-client 4.5.7 | Windows |
| Vulnerabilities CVE-2020-25633 are fixed in JBoss-resteasy-client 3.14.0 | Windows |
| Vulnerabilities CVE-2020-25633 are fixed in JBoss-resteasy-client-microprofile 4.5.7 | Windows |
| Vulnerabilities CVE-2020-25633 are fixed in JBoss-resteasy-client-microprofile 3.14.0 | Windows |
| RESTEasy -- Framework for RESTful Web services and Java applications (USN-7351-1) libresteasy-java_3.6.2-2ubuntu0.24.10.1_all.deb | Linux |
| Vulnerabilities CVE-2020-25633 are fixed in JBoss-resteasy-client for Linux 4.5.7 | Linux |
| Vulnerabilities CVE-2020-25633 are fixed in JBoss-resteasy-client for Linux 3.14.0 | Linux |
| Vulnerabilities CVE-2020-25633 are fixed in JBoss-resteasy-client-microprofile for Linux 4.5.7 | Linux |
| Vulnerabilities CVE-2020-25633 are fixed in JBoss-resteasy-client-microprofile for Linux 3.14.0 | Linux |
| A project that provides various frameworks to help you build RESTful Web Services and RESTful Java applications (USN-7630-1) USN-7630-1 libresteasy-java_3.6.2-3ubuntu0.25.04.1_all.deb | Linux |
| A project that provides various frameworks to help you build RESTful Web Services and RESTful Java applications (USN-7630-1) USN-7630-1 libresteasy3.0-java_3.0.26-3ubuntu0.1_all.deb | Linux |
| A project that provides various frameworks to help you build RESTful Web Services and RESTful Java applications (USN-7630-1) USN-7630-1 libresteasy3.0-java_3.0.26-6ubuntu0.24.04.1_all.deb | Linux |
| A project that provides various frameworks to help you build RESTful Web Services and RESTful Java applications (USN-7630-1) USN-7630-1 libresteasy3.0-java_3.0.26-6ubuntu0.24.10.1_all.deb | Linux |
| A project that provides various frameworks to help you build RESTful Web Services and RESTful Java applications (USN-7630-1) USN-7630-1 libresteasy3.0-java_3.0.26-6ubuntu0.25.04.1_all.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234