Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H800
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -4 articles for you...
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorydenial of servicecritical

Ubuntu 25.04 USN-7630-1 critical: RESTEasy denial of service

Several security issues were fixed in resteasy, resteasy3.0.. ========================================================================== Ubuntu Security Notice USN-7630-1 July 10, 2025 resteasy, resteasy3.0 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.04 - Ubuntu 24.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in resteasy, resteasy3.0. Software Description: - resteasy: A project that provides various frameworks to help you build RESTful Web Services and RESTful Java applications - resteasy3.0: A project that provides various frameworks to help you build RESTful Web Services and RESTful Java applications Details: It was discovered that RESTEasy made insufficient use of random values in asynchronous jobs. An attacker could possibly use this issue to steal user data. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-6345) It was discovered that RESTEasy enabled a vulnerable GZIP decompression module by default. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-6346) It was discovered that RESTEasy improperly made use of unsanitized data while handling certain errors. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-6347) It was discovered that RESTEasy enabled a vulnerable JSON manipulation module by default. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-6348) It was discovered that RESTEasy enabled a vulnerable deserialization module by default. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS.(CVE-2016-7050) Nikos Papadopoulos discovered that RESTEasy improperly handled URL encoding when certain errors occur. An attacker could possibly use this issue to modify the app's behavior for other users throughout the network. This issue did not affect resteasy3.0 in Ubuntu 24.04 LTS, Ubuntu 24.10, and Ubuntu 25.04. (CVE-2020-10688) Mirko Selber discovered that RESTEasy improperly validated user input during HTTP response construction. An attacker could possibly use this issue to to cause a denial of service or execute arbitrary code. This issue did not affect resteasy3.0 in Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 24.10, and Ubuntu 25.04. (CVE-2020-1695) It was discovered that RESTEasy improperly handled receiving the WebApplicationException during a client call. An attacker could possibly use this issue to obtain potentially sensitive server information. (CVE-2020-25633) It was discovered that RESTEasy improperly populated exception responses with endpoint class and method names. An attacker could possibly use this issue to obtain potentially sensitive server information. (CVE-2021-20289) It was discovered that RESTEasy used improper permissions when creating temporary files. An attacker could possibly use this issue to get access to sensitive data. (CVE-2023-0482) It was discovered that RESTEasy improperly handled certain HTTP requests containing ASCII control characters. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-9622) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 libresteasy-java 3.6.2-3ubuntu0.25.04.1 libresteasy3.0-java 3.0.26-6ubuntu0.25.04.1 Ubuntu 24.10 libresteasy3.0-java 3.0.26-6ubuntu0.24.10.1 Ubuntu 24.04 LTS libresteasy3.0-java 3.0.26-6ubuntu0.24.04.1 Ubuntu 22.04 LTS libresteasy3.0-java 3.0.26-3ubuntu0.1 Ubuntu 20.04 LTS libresteasy3.0-java 3.0.26-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS libresteasy3.0-java 3.0.26-1~18.04.1~esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS libresteasy-java 3.0.6-3ubuntu0.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7630-1 CVE-2016-6345, CVE-2016-6346, CVE-2016-6347, CVE-2016-6348, CVE-2016-7050, CVE-2020-10688, CVE-2020-1695, CVE-2020-25633, CVE-2021-20289, CVE-2023-0482, CVE-2024-9622 Package Information: https://launchpad.net/ubuntu/+source/resteasy/3.6.2-3ubuntu0.25.04.1 https://launchpad.net/ubuntu/+source/resteasy3.0/3.0.26-6ubuntu0.25.04.1 https://launchpad.net/ubuntu/+source/resteasy3.0/3.0.26-6ubuntu0.24.10.1 https://launchpad.net/ubuntu/+source/resteasy3.0/3.0.26-6ubuntu0.24.04.1 https://launchpad.net/ubuntu/+source/resteasy3.0/3.0.26-3ubuntu0.1 . Numerous vulnerabilities addressed in RESTEasy highlight severe threats to user privacy and application reliability.. RESTEasy vulnerabilities, Ubuntu security announcement, security updates, RESTful services, application security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jul 11, 2025 Critical Ubuntu
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorymoderateinput validation

Mageia 7: MGASA-2021-0039 Moderate: Resteasy HTTP Injection Issue

A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed (CVE-2020-1695). . MGASA-2021-0039 - Updated resteasy packages fix a security vulnerability Publication date: 17 Jan 2021 URL: https://advisories.mageia.org/MGASA-2021-0039.html Type: security Affected Mageia releases: 7 CVE: CVE-2020-1695 A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed (CVE-2020-1695). References: - https://bugs.mageia.org/show_bug.cgi?id=27794 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/IJDMT443YZWCBS5NS76XZ7TL3GK7BXHL/ - https://www.cve.org/CVERecord?id=CVE-2020-1695 SRPMS: - 7/core/resteasy-3.0.26-2.mga7 . Mageia 2021-0040 addresses a critical issue in wildfly; improper handling opens pathways for code execution attacks in user sessions.. Mageia Security, Resteasy Issue, HTTP Injection, Security Update. . LinuxSecurity.com Team

Calendar 2 Jan 17, 2021 Mageia
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical

Fedora 33: 2020-df970da9fc Critical Resteasy Header Issue

Security fix for CVE-2020-1695. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-df970da9fc 2020-12-09 01:15:13.907236 --------------------------------------------------------------------------------Name : resteasy Product : Fedora 33 Version : 3.0.26 Release : 6.fc33 URL : https://resteasy.dev/ Summary : Framework for RESTful Web services and Java applications Description : RESTEasy contains a JBoss project that provides frameworks to help build RESTful Web Services and RESTful Java applications. It is a fully certified and portable implementation of the JAX-RS specification. --------------------------------------------------------------------------------Update Information: Security fix for CVE-2020-1695 --------------------------------------------------------------------------------ChangeLog: * Mon Nov 30 2020 Alexander Scheel - 3.0.26-6 - CVE-2020-1695: Improper validation of response header in MediaTypeHeaderDelegate.java class Resolves: rh-bz#1845547 --------------------------------------------------------------------------------References: [ 1 ] Bug #1730462 - CVE-2020-1695 resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class https://bugzilla.redhat.com/show_bug.cgi?id=1730462 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-df970da9fc' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announcemailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Important security patch addressing flawed response header validation in resteasy for Fedora 33, mitigating CVE-2020-1695.. Fedora Updates, Java Security, RESTEasy Framework. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Dec 08, 2020 Critical Fedora
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisorysoftware updateremote code execution

Scientific Linux SL7: 2016:2604-2 Important: Resteasy Deserialization Risk

Important: resteasy-base security and bug fix update. Date: Wed, 14 Dec 2016 17:50:37 -0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific Linux From: Scott Reid Subject: Security ERRATA Important: resteasy-base on SL7.x (noarch) MIME-Version: 1.0 Message-ID: Synopsis: Important: resteasy-base security and bug fix update Advisory ID: SLSA-2016:2604-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-7050 -- Security Fix(es): * It was discovered that under certain conditions RESTEasy could be forced to parse a request with SerializableProvider, resulting in deserialization of potentially untrusted data. An attacker could possibly use this flaw to execute arbitrary code with the permissions of the application using RESTEasy. (CVE-2016-7050) Additional Changes: -- SL7 noarch resteasy-base-3.0.6-4.el7.noarch.rpm resteasy-base-atom-provider-3.0.6-4.el7.noarch.rpm resteasy-base-client-3.0.6-4.el7.noarch.rpm resteasy-base-jackson-provider-3.0.6-4.el7.noarch.rpm resteasy-base-javadoc-3.0.6-4.el7.noarch.rpm resteasy-base-jaxb-provider-3.0.6-4.el7.noarch.rpm resteasy-base-jaxrs-3.0.6-4.el7.noarch.rpm resteasy-base-jaxrs-all-3.0.6-4.el7.noarch.rpm resteasy-base-jaxrs-api-3.0.6-4.el7.noarch.rpm resteasy-base-jettison-provider-3.0.6-4.el7.noarch.rpm resteasy-base-providers-pom-3.0.6-4.el7.noarch.rpm resteasy-base-resteasy-pom-3.0.6-4.el7.noarch.rpm resteasy-base-tjws-3.0.6-4.el7.noarch.rpm - Scientific Linux Development Team . Important security notice: A vital update for resteasy-base has been released for SL7.x systems. Please read on for comprehensive information regarding this crucial advisory.. resteasy security update, Scientific Linux, critical security patch. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Dec 14, 2016 Important Scientific Linux
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedorasecurity fix

Fedora: 2014-16845 Critical: RESTEasy XXE Security Update

Security fix for CVE-2014-3490. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2014-16845 2014-12-13 08:32:35 -------------------------------------------------------------------------------- Name : resteasy Product : Fedora 20 Version : 3.0.6 Release : 3.fc20 URL : https://resteasy.dev/ Summary : Framework for RESTful Web services and Java applications Description : RESTEasy contains a JBoss project that provides frameworks to help build RESTful Web Services and RESTful Java applications. It is a fully certified and portable implementation of the JAX-RS specification. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2014-3490 -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 10 2014 Ade Lee - 3.0.6-3 - Add fix for CVE-2014-3490 * Tue Jan 14 2014 Marek Goldmann - 3.0.6-2 - Support for Netty 4 in Rawhide * Fri Jan 10 2014 Marek Goldmann - 3.0.6-1 - Upstream release 3.0.6.Final -------------------------------------------------------------------------------- References: [ 1 ] Bug #1107901 - CVE-2014-3490 RESTEasy: XXE via parameter entities https://bugzilla.redhat.com/show_bug.cgi?id=1107901 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update resteasy' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailinglist This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Protection update for RESTEasy CVE-2014-3490 is released with Fedora 20 upgrade. Safeguard your system's safety today!. RESTEasy Security,Fedora Security Fix,Java Application Security,RESTful Web Services. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Apr 24, 2015 Critical Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here