CVE-2020-10688 – RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack
https://notcve.org/view.php?id=CVE-2020-10688
A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack. Se encontró un fallo de tipo cross-site scripting (XSS) en RESTEasy en versiones anteriores a 3.11.1.Final y anteriores a 4.5.3.Final, donde no manejaba apropiadamente la codificación de URL cuando ocurre la excepción RESTEASY003870. Un atacante podría usar este fallo para lanzar un ataque XSS reflejado A cross-site scripting (XSS) flaw was found in RESTEasy, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack. • https://bugzilla.redhat.com/show_bug.cgi?id=1814974 https://github.com/quarkusio/quarkus/issues/7248 https://issues.redhat.com/browse/RESTEASY-2519 https://security.netapp.com/advisory/ntap-20210706-0008 https://access.redhat.com/security/cve/CVE-2020-10688 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-1695 – resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class
https://notcve.org/view.php?id=CVE-2020-1695
A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final and all resteasy 4.x.x versions prior to 4.6.0.Final, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed. Se detectó un fallo en todas las versiones de resteasy 3.xx anteriores a 3.12.0.Final y en todas las versiones de resteasy 4.xx anteriores a 4.6.0.Final, donde una comprobación de entrada inapropiada resulta en la devolución de un encabezado ilegal que se integra en la respuesta del servidor. Este fallo puede resultar en una inyección, lo que conlleva a un comportamiento inesperado cuando es construida la respuesta HTTP. A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server's response. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1695 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJDMT443YZWCBS5NS76XZ7TL3GK7BXHL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RX22C6I56BJUER76IIPYHGZIWBQIU3CQ https://access.redhat.com/security/cve/CVE-2020-1695 https://bugzilla.redhat.com/show_bug.cgi?id=1730462 • CWE-20: Improper Input Validation •
CVE-2018-1051
https://notcve.org/view.php?id=CVE-2018-1051
It was found that the fix for CVE-2016-9606 in versions 3.0.22 and 3.1.2 was incomplete and Yaml unmarshalling in Resteasy is still possible via `Yaml.load()` in YamlProvider. Se descubrió que la solución para CVE-2016-9606 en las versiones 3.0.22 y 3.1.2 era incompleta y sigue siendo posible deserializar Yaml en Resteasy mediante la función Yaml.load() en YamlProvider. • https://bugzilla.redhat.com/show_bug.cgi?id=1535411 • CWE-20: Improper Input Validation CWE-502: Deserialization of Untrusted Data •
CVE-2016-9606 – Resteasy: Yaml unmarshalling vulnerable to RCE
https://notcve.org/view.php?id=CVE-2016-9606
JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions. JBoss RESTEasy, en versiones anteriores a la 3.1.2, podría ser forzado a analizar una petición con YamlProvider, lo que resulta en la deserialización de datos potencialmente no fiables. Esto podría permitir que un atacante ejecute código arbitrario con permisos de aplicación RESTEasy. It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy. • http://rhn.redhat.com/errata/RHSA-2017-1255.html http://rhn.redhat.com/errata/RHSA-2017-1409.html http://www.securityfocus.com/bid/94940 http://www.securitytracker.com/id/1038524 https://access.redhat.com/errata/RHSA-2017:1253 https://access.redhat.com/errata/RHSA-2017:1254 https://access.redhat.com/errata/RHSA-2017:1256 https://access.redhat.com/errata/RHSA-2017:1260 https://access.redhat.com/errata/RHSA-2017:1410 https://access.redhat.com/errata/RHSA-2017:1411 h • CWE-20: Improper Input Validation •
CVE-2014-7839 – RESTeasy: External entities expanded by DocumentProvider
https://notcve.org/view.php?id=CVE-2014-7839
DocumentProvider in RESTEasy 2.3.7 and 3.0.9 does not configure the (1) external-general-entities or (2) external-parameter-entities features, which allows remote attackers to conduct XML external entity (XXE) attacks via unspecified vectors. DocumentProvider en RESTEasy 2.3.7 y 3.0.9 no configura las caracteristicas (1) external-general-entities o (2) external-parameter-entities, lo que permite a atacantes remotos realizar ataques de entidad externa XML (XXE) a través de vectores no especificados. It was found that the RESTEasy DocumentProvider did not set the external-parameter-entities and external-general-entities features appropriately, thus allowing external entity expansion. A remote attacker able to send XML requests to a RESTEasy endpoint could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XML eXternal Entity (XXE) attacks. • http://rhn.redhat.com/errata/RHSA-2015-0675.html http://rhn.redhat.com/errata/RHSA-2015-0773.html http://rhn.redhat.com/errata/RHSA-2015-0850.html http://rhn.redhat.com/errata/RHSA-2015-0851.html http://secunia.com/advisories/62580 https://issues.jboss.org/browse/RESTEASY-1130 https://access.redhat.com/security/cve/CVE-2014-7839 https://bugzilla.redhat.com/show_bug.cgi?id=1165328 • CWE-20: Improper Input Validation CWE-611: Improper Restriction of XML External Entity Reference •