resteasy-core is vulnerable to information disclosure. It exposes the endpoint class and method names as part of the exception response as a result of failure to convert one of the request URI path or query values to the matching JAX-RS resource method’s parameter value.