CVE-2021-20289 vulnerability in Red Hat and Other Products
Published on March 26, 2021
A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The highest threat from this vulnerability is to data confidentiality.
Weakness Type
Generation of Error Message Containing Sensitive Information
The software generates an error message that includes sensitive information about its environment, users, or associated data.
Products Associated with CVE-2021-20289
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-20289 are published in these products:
Exploit Probability
EPSS
0.09%
Percentile
25.23%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.