Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Ubuntu 25.04 USN-7630-1 critical: RESTEasy denial of service

ubuntu
Calendar Grey July 11, 2025
Dist Ubuntu Esm H88
Numerous vulnerabilities addressed in RESTEasy highlight severe threats to user privacy and application reliability.
Several security issues were fixed in resteasy, resteasy3.0.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.04 - Ubuntu 24.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in resteasy, resteasy3.0. Software Description: - resteasy: A project that provides various frameworks to help you build RESTful Web Services and RESTful Java applications - resteasy3.0: A project that provides various frameworks to help you build RESTful Web Services and RESTful Java applications Details: It was discovered that RESTEasy made insufficient use of random values in asynchronous jobs. An attacker could possibly use this issue to steal user data. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-6345) It was discovered that RESTEasy enabled a vulnerable GZIP decompression module by default. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-6346) It w...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory denial of service critical Ubuntu user data exposure resteasy

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 libresteasy-java 3.6.2-3ubuntu0.25.04.1 libresteasy3.0-java 3.0.26-6ubuntu0.25.04.1 Ubuntu 24.10 libresteasy3.0-java 3.0.26-6ubuntu0.24.10.1 Ubuntu 24.04 LTS libresteasy3.0-java 3.0.26-6ubuntu0.24.04.1 Ubuntu 22.04 LTS libresteasy3.0-java 3.0.26-3ubuntu0.1 Ubuntu 20.04 LTS libresteasy3.0-java 3.0.26-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS libresteasy3.0-java 3.0.26-1~18.04.1~esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS libresteasy-java 3.0.6-3ubuntu0.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7630-1

CVE-2016-6345, CVE-2016-6346, CVE-2016-6347, CVE-2016-6348,

CVE-2016-7050, CVE-2020-10688, CVE-2020-1695, CVE-2020-25633,

CVE-2021-20289, CVE-2023-0482, CVE-2024-9622

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7630-1

Topics%20covered

Topics Covered

security advisory denial of service critical Ubuntu user data exposure resteasy

Package Information

https://launchpad.net/ubuntu/+source/resteasy/3.6.2-3ubuntu0.25.04.1 https://launchpad.net/ubuntu/+source/resteasy3.0/3.0.26-6ubuntu0.25.04.1 https://launchpad.net/ubuntu/+source/resteasy3.0/3.0.26-6ubuntu0.24.10.1 https://launchpad.net/ubuntu/+source/resteasy3.0/3.0.26-6ubuntu0.24.04.1 https://launchpad.net/ubuntu/+source/resteasy3.0/3.0.26-3ubuntu0.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here