Vulners
Lucene search
CVE-2023-6394 Quarkus: graphql operations over websockets bypass
| Reporter | Title | Published | Views | Family All 18 |
|---|---|---|---|---|
 | The vulnerability of the WebSocket technology in the Quarkus Java framework allows attackers to gain unauthorized access to protected information and enhance their privileges. | 14 Dec 202300:00 | – | bdu_fstec |
 | CVE-2023-6394 | 1 Jan 202407:56 | – | circl |
 | Quarkus Security Vulnerabilities | 8 Dec 202300:00 | – | cnnvd |
 | CVE-2023-6394 | 9 Dec 202301:26 | – | cve |
 | EUVD-2023-3250 | 3 Oct 202520:07 | – | euvd |
 | Authorization bypass in Quarkus | 9 Dec 202303:30 | – | github |
 | CVE-2023-6394 | 9 Dec 202302:15 | – | nvd |
 | CVE-2023-6394 | 9 Dec 202302:15 | – | osv |
| GHSA-MVC8-6FFP-JRX5 Authorization bypass in Quarkus | 9 Dec 202303:30 | – | osv |
 | Authentication flaw | 9 Dec 202302:15 | – | prion |
10
[
{
"vendor": "Red Hat",
"product": "Red Hat build of Quarkus 2.13.9.Final",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "io.quarkus/quarkus-smallrye-graphql",
"defaultStatus": "affected",
"versions": [
{
"version": "2.13.9.Final-redhat-00002",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:quarkus:2.13"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat build of Quarkus 3.2.9.Final",
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"packageName": "io.quarkus/quarkus-smallrye-graphql",
"defaultStatus": "affected",
"versions": [
{
"version": "3.2.9.Final-redhat-00002",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:quarkus:3.2::el8"
]
}
]Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
24 Mar 2026 11:28Current
9.3High risk
Vulners AI Score9.3
CVSS 3.17.4
EPSS0.00807