ubuntu · CVE-2016-6345

Quick triage

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2016-6345 medium priority: Ubuntu including 2 source packages (resteasy, resteasy3.0), 28 status rows across 22 suites (artful, bionic, cosmic, disco, eoan, focal, groovy, hirsute, impish, jammy, kinetic, lunar, mantic, noble, oracular, plucky, precise, trusty, upstream, xenial, yakkety, zesty): ignored 11, not-affected 10, DNE 4, released 3.

Description:

RESTEasy allows remote authenticated users to obtain sensitive information by leveraging "insufficient use of random values" in async jobs.