CVE-2012-0818: Information Exposure

November 23, 2012 (updated August 28, 2017)

RESTEasy allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity (XXE) injection attack.

References

issues.jboss.org/browse/RESTEASY-637
issues.jboss.org/browse/RESTEASY-647
issues.jboss.org/browse/RESTEASY-659

Code Behaviors & Features

Detect and mitigate CVE-2012-0818 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →