CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-5245

The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding (JAXB) input, aka an XML external entity (XXE) injection attack, a similar vulnerability to CVE-2012-0818.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 75.0%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2011-5245

Redhat » Resteasy » Version: N/A

cpe:2.3:a:redhat:resteasy:-
Redhat » Resteasy » Version: 1.0.0

cpe:2.3:a:redhat:resteasy:1.0.0
Redhat » Resteasy » Version: 1.0.1

cpe:2.3:a:redhat:resteasy:1.0.1
Redhat » Resteasy » Version: 1.0.2

cpe:2.3:a:redhat:resteasy:1.0.2
Redhat » Resteasy » Version: 1.1

cpe:2.3:a:redhat:resteasy:1.1
Redhat » Resteasy » Version: 1.2

cpe:2.3:a:redhat:resteasy:1.2
Redhat » Resteasy » Version: 1.2.1

cpe:2.3:a:redhat:resteasy:1.2.1
Redhat » Resteasy » Version: 2.0.0

cpe:2.3:a:redhat:resteasy:2.0.0
Redhat » Resteasy » Version: 2.0.1

cpe:2.3:a:redhat:resteasy:2.0.1
Redhat » Resteasy » Version: 2.1.0

cpe:2.3:a:redhat:resteasy:2.1.0
Redhat » Resteasy » Version: 2.2.0

cpe:2.3:a:redhat:resteasy:2.2.0
Redhat » Resteasy » Version: 2.2.1

cpe:2.3:a:redhat:resteasy:2.2.1
Redhat » Resteasy » Version: 2.2.2

cpe:2.3:a:redhat:resteasy:2.2.2
Redhat » Resteasy » Version: 2.2.3

cpe:2.3:a:redhat:resteasy:2.2.3
Redhat » Resteasy » Version: 2.3.0

cpe:2.3:a:redhat:resteasy:2.3.0
Redhat » Resteasy » Version: 2.3.1

cpe:2.3:a:redhat:resteasy:2.3.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-5245

Products

Pricing

Contact Us