CVE-2016-6345

Published: Sep 7, 2016
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2016-6345" target="_blank" rel="noopener"> CVE-2016-6345
GHSA: <a href="https://github.com/advisories/GHSA-vxhj-3x7p-jxp5" target="_blank" rel="noopener"> GHSA-vxhj-3x7p-jxp5
Severity: Medium
Exploit:

RESTEasy allows remote authenticated users to obtain sensitive information by leveraging "insufficient use of random values" in async jobs.

CVSS v3:

CVSS v2:

CWEs:

Software	From	Fixed in
org.jboss.resteasy / resteasy-client	-	3.0.20.Final
org.jboss.resteasy / resteasy-client	3.1.0.Beta1	3.1.0.CR1