CVE-2020-25633

Name	CVE-2020-25633
Description	A flaw was found in RESTEasy client in all versions of RESTEasy up to ...
Source	CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs	970585, 1014983

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
resteasy (PTS)	sid	3.6.2-4	vulnerable
resteasy3.0 (PTS)	bullseye	3.0.26-2	vulnerable
	forky, sid, bookworm, trixie	3.0.26-6	vulnerable

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
resteasy	source	(unstable)	(unfixed)			970585
resteasy3.0	source	(unstable)	(unfixed)			1014983

Notes

[trixie] - resteasy3.0 <ignored> (Minor issue, no reverse deps in Bookworm)
[bookworm] - resteasy3.0 <ignored> (Minor issue)
[bullseye] - resteasy3.0 <ignored> (Minor issue)
[buster] - resteasy3.0 <ignored> (Minor issue)
https://bugzilla.redhat.com/show_bug.cgi?id=1879042
https://issues.redhat.com/browse/RESTEASY-2721
https://issues.redhat.com/browse/RESTEASY-2728
https://issues.redhat.com/browse/RESTEASY-2781
Fixed in 3.11.3, 4.6.0, 3.14.0, 4.4.3, 3.5.9