CVE-2020-25724

A flaw was found in RESTEasy, where an incorrect response to an HTTP request is provided. This flaw allows an attacker to gain access to privileged information. The highest threat from this vulnerability is to confidentiality and integrity. Versions before resteasy 2.0.0.Alpha3 are affected.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:resteasy:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:resteasy:2.0.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:redhat:resteasy:2.0.0:alpha2:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*

History

21 Nov 2024, 05:18

Type Values Removed Values Added
References () https://bugzilla.redhat.com/show_bug.cgi?id=1899354 - Issue Tracking, Vendor Advisory () https://bugzilla.redhat.com/show_bug.cgi?id=1899354 - Issue Tracking, Vendor Advisory
References () https://security.netapp.com/advisory/ntap-20210702-0003/ - Third Party Advisory () https://security.netapp.com/advisory/ntap-20210702-0003/ - Third Party Advisory

Information

Published : 2021-05-26 21:15

Updated : 2024-11-21 05:18


NVD link : CVE-2020-25724

Mitre link : CVE-2020-25724

CVE.ORG link : CVE-2020-25724


JSON object : View

Products Affected

quarkus

  • quarkus

redhat

  • resteasy
CWE
CWE-567

Unsynchronized Access to Shared Data in a Multithreaded Context