CVE-2012-0818

Exposure of Sensitive Information to an Unauthorized Actor in maven/org.jboss.resteasy/resteasy-client

Identifiers

GHSA-wrrh-g7h3-gqmx, CVE-2012-0818

Package Slug

maven/org.jboss.resteasy/resteasy-client

Vulnerability

Exposure of Sensitive Information to an Unauthorized Actor

Description

RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity (XXE) injection attack.

Affected Versions

All versions before 2.3.1

Solution

Upgrade to version 2.3.1 or above.

Last Modified

2022-07-26

source