XXE due to insecure configuration of RestEasy
A remote attacker able to send XML requests to a REST endpoint could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.