PT-2020-16141 · Red Hat+4 · Resteasy+4

Published: 2020-09-18 · Updated: 2025-08-07 · CVE-2020-25633

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

RESTEasy versions prior to 4.5.6.Final

Description

A flaw was found in the RESTEasy client that may allow client users to obtain the server's potentially sensitive information when the server receives a WebApplicationException from the RESTEasy client call. The highest threat from this issue is to data confidentiality.

Recommendations

For versions prior to 4.5.6.Final, update to version 4.5.6.Final or later to resolve the issue.

Fix

Weakness Enumeration

Generation of Error Message Containing Sensitive Information

Related Identifiers

BDU:2025-11755
CVE-2020-25633
GHSA-HR32-MGPM-QF2F
RHSA-2021:0246
RHSA-2021:0247
RHSA-2021:0248
RHSA-2021:1313
USN-7351-1
USN-7630-1

Affected Products

Debian
Linux Mint
RESTEasy
RED OS
Ubuntu