logo

Database

Insecure generation of random numbers In org.jboss.resteasy:resteasy-bom

Description

Unsynchronized Access to Shared Data in a Multithreaded Context in RESTEasy A flaw was found in RESTEasy, where an incorrect response to an HTTP request is provided. This flaw allows an attacker to gain access to privileged information. The highest threat from this vulnerability is to confidentiality and integrity. Versions before resteasy 2.0.0.Alpha3 are affected.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2020-257242. NVD-2020-257243. OSV-2020-257244. GCVE-2020-257245. ACCESS-cve-2020-25724

References

1. https://bugzilla.redhat.com/show_bug.cgi?id=18993542. https://security.netapp.com/advisory/ntap-20210702-0003

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.