CVE-2021-20289

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-20289
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-20289.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-20289
Aliases
Related
Published
2021-03-26T17:15:13Z
Modified
2024-09-02T22:12:06Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The highest threat from this vulnerability is to data confidentiality.

References

Affected packages

Git / github.com/quarkusio/quarkus

Affected ranges

Type
GIT
Repo
https://github.com/quarkusio/quarkus
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
da9c57e894057f9a973297adfe94e308912b570c