Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Red Hat Build Of Quarkus 3.2.9.Final Security Vulnerabilities

cve
cve

CVE-2023-5675

A flaw was found in Quarkus. When a Quarkus RestEasy Classic or Reactive JAX-RS endpoint has its methods declared in the abstract Java class or customized by Quarkus extensions using the annotation processor, the authorization of these methods will not be enforced if it is enabled by either...

6.5CVSS

6.3AI Score

0.0004EPSS

2024-04-25 04:15 PM
83
cve
cve

CVE-2023-6267

A flaw was found in the json payload. If annotation based security is used to secure a REST resource, the JSON body that the resource may consume is being processed (deserialized) prior to the security constraints being evaluated and applied. This does not happen with configuration based...

9.8CVSS

9.2AI Score

0.001EPSS

2024-01-25 07:15 PM
141
cve
cve

CVE-2023-6394

A flaw was found in Quarkus. This issue occurs when receiving a request over websocket with no role-based permission specified on the GraphQL operation, Quarkus processes the request without authentication despite the endpoint being secured. This can allow an attacker to access information and...

9.1CVSS

8.9AI Score

0.001EPSS

2023-12-09 02:15 AM
63