5

CVE-2012-0818

RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity (XXE) injection attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RedhatResteasy Version <= 2.3.0
RedhatResteasy Version1.0.0
RedhatResteasy Version1.0.1
RedhatResteasy Version1.0.2
RedhatResteasy Version1.1
RedhatResteasy Version1.2
RedhatResteasy Version2.0.0
RedhatResteasy Version2.0.1
RedhatResteasy Version2.1.0
RedhatResteasy Version2.2.0
RedhatResteasy Version2.2.1
RedhatResteasy Version2.2.2
RedhatResteasy Version2.2.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.21% 0.865
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://secunia.com/advisories/50084
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2012-0441.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2012-0519.html
Vendor Advisory
http://secunia.com/advisories/48697
http://secunia.com/advisories/48954
http://rhn.redhat.com/errata/RHSA-2012-1125.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2012-1056.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2012-1057.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2012-1058.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2012-1059.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2014-0371.html
http://rhn.redhat.com/errata/RHSA-2014-0372.html
http://secunia.com/advisories/47832
Vendor Advisory
http://secunia.com/advisories/57716
http://secunia.com/advisories/57719
http://www.securityfocus.com/bid/51766
https://bugzilla.redhat.com/show_bug.cgi?id=785631
https://exchange.xforce.ibmcloud.com/vulnerabilities/72808
http://secunia.com/advisories/47818
Vendor Advisory
http://www.osvdb.org/78679
http://www.securityfocus.com/bid/51748
https://issues.jboss.org/browse/RESTEASY-637
Patch