RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity (XXE) injection attack.

References

rhn.redhat.com/errata/RHSA-2012-0441.html

rhn.redhat.com/errata/RHSA-2012-0519.html

rhn.redhat.com/errata/RHSA-2012-1056.html

rhn.redhat.com/errata/RHSA-2012-1057.html

rhn.redhat.com/errata/RHSA-2012-1058.html

rhn.redhat.com/errata/RHSA-2012-1059.html

rhn.redhat.com/errata/RHSA-2012-1125.html

rhn.redhat.com/errata/RHSA-2014-0371.html

rhn.redhat.com/errata/RHSA-2014-0372.html

secunia.com/advisories/47818

secunia.com/advisories/47832

secunia.com/advisories/48697

secunia.com/advisories/48954

secunia.com/advisories/50084

secunia.com/advisories/57716

secunia.com/advisories/57719

www.osvdb.org/78679

www.securityfocus.com/bid/51748

www.securityfocus.com/bid/51766

bugzilla.redhat.com/show_bug.cgi?id=785631

exchange.xforce.ibmcloud.com/vulnerabilities/72808

issues.jboss.org/browse/RESTEASY-637

nessus 8

veracode 2

prion 3

osv 3

cve 3

nvd 3

redhat 10

github 3

mageia 1

cvelist 2

openvas 3

centos 1

nessus

RHEL 6 : Storage Server (RHSA-2013:1263)

2014-11-17 00:00:00

RHEL 5 / 6 : resteasy (RHSA-2012:1059)

2013-01-24 00:00:00

RHEL 5 / 6 / 7 : JBoss EAP (RHSA-2014:1040)

2014-08-13 00:00:00

veracode

XML External Entity (XXE) To Read Files

2019-01-15 08:54:05

Arbitrary File Access With External Entities

2019-01-15 08:58:57

prion

Xxe

2012-11-23 20:55:00

Xxe

2012-11-23 20:55:00

Xxe

2014-08-19 18:55:00

osv

Exposure of Sensitive Information to an Unauthorized Actor in RESTEasy

2022-05-17 01:49:58

Incorrect Privilege Assignment in RESTEasy

2022-05-14 01:18:38

Exposure of Sensitive Information to an Unauthorized Actor in RESTEasy

2022-05-17 01:50:09

cve

CVE-2012-0818

2012-11-23 20:55:02

CVE-2011-5245

2012-11-23 20:55:02

CVE-2014-3490

2014-08-19 18:55:02

nvd

CVE-2012-0818

2012-11-23 20:55:02

CVE-2014-3490

2014-08-19 18:55:02

CVE-2011-5245

2012-11-23 20:55:02

redhat

(RHSA-2013:1263) Moderate: Red Hat Storage Console 2.1 security update

2013-09-16 00:00:00

(RHSA-2012:1058) Moderate: resteasy security update

2012-07-05 00:00:00

(RHSA-2012:1059) Moderate: resteasy security update

2012-07-05 00:00:00

github

Exposure of Sensitive Information to an Unauthorized Actor in RESTEasy

2022-05-17 01:49:58

Exposure of Sensitive Information to an Unauthorized Actor in RESTEasy

2022-05-17 01:50:09

Incorrect Privilege Assignment in RESTEasy

2022-05-14 01:18:38

mageia

Updated resteasy package fix CVE-2014-3490

2014-12-26 20:04:58

cvelist

CVE-2014-3490

2014-08-19 18:00:00

CVE-2011-5245

2012-11-23 20:00:00

openvas

Mageia: Security Advisory (MGASA-2014-0547)

2022-01-28 00:00:00

RedHat Update for resteasy-base RHSA-2014:1011-01

2014-08-06 00:00:00

CentOS Update for resteasy-base CESA-2014:1011 centos7

2014-09-10 00:00:00

centos

resteasy security update

2014-08-06 14:38:38

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

6.6

Confidence

Low

EPSS

0.004

Percentile

72.8%

JSON

Related for CVELIST:CVE-2012-0818