Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-6267

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the json payload. If annotation based security is used to secure a REST resource, the JSON body that the resource may consume is being...

9.8CVSS6.8AI score0.00719EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/07 9:24 a.m.18 views

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFix for February 2023.

Summary Security vulnerabilities are addressed with IBM Business Automation Insights 23.0.2-IF002. Vulnerability Details CVEID:CVE-2023-6267 DESCRIPTION: Quarkus could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the json payload when...

9.8CVSS7.7AI score0.00797EPSS
Exploits1Affected Software1
vulnersOsv
vulnersOsv
added 2024/01/25 9:32 p.m.6 views

ai.pipestream.module:module-chunker (=0.1.1), ai.pipestream.module:module-echo (=0.1.1) +710 more potentially affected by CVE-2023-6267 via io.quarkus.resteasy.reactive:resteasy-reactive (>=3.0.0.Final <=3.2.8.Final)

io.quarkus.resteasy.reactive:resteasy-reactive MAVEN version =3.0.0.Final, =0.0.2, =0.1.1, =0.2.0, =0.2.0, =0.1.1, =0.1.7, =1.21.0, =1.28.0 and more Source cves: CVE-2023-6267 Source advisory: OSV:GHSA-8J3X-W35R-RW4R...

9.8CVSS7.2AI score0.00719EPSS
Exploits0
Circl
Circl
added 2024/01/25 7:31 p.m.6 views

CVE-2023-6267

creationtimestamp| type| source ---|---|--- 2024-01-25 19:31:51+00:00| seen| https://t.me/ctinow/173729 2024-01-25 20:26:08+00:00| seen| https://t.me/ctinow/173773 2024-02-17 23:21:42+00:00| seen| https://t.me/ctinow/187071...

9.8CVSS8.6AI score0.00719EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/01/25 6:12 p.m.1 views

CVE-2023-6267 Quarkus: json payload getting processed prior to security checks when rest resources are used with annotations.

A flaw was found in the json payload. If annotation based security is used to secure a REST resource, the JSON body that the resource may consume is being processed deserialized prior to the security constraints being evaluated and applied. This does not happen with configuration based security...

8.6CVSS7AI score0.00719EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/01/25 6:12 p.m.41 views

CVE-2023-6267 Quarkus: json payload getting processed prior to security checks when rest resources are used with annotations.

A flaw was found in the json payload. If annotation based security is used to secure a REST resource, the JSON body that the resource may consume is being processed deserialized prior to the security constraints being evaluated and applied. This does not happen with configuration based security...

8.6CVSS9.5AI score0.00719EPSS
Exploits0References4
CVE
CVE
added 2024/01/25 6:12 p.m.198 views

CVE-2023-6267

CVE-2023-6267 affects Quarkus: a deserialization flaw in the json payload when REST resources are secured with annotation-based security can allow remote code execution. Deserialization occurs before security checks, unlike configuration-based security. Affected records corroborate an unsafe-dese...

9.8CVSS9.2AI score0.00719EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2024/01/25 1:52 p.m.47 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.2.9.SP1 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

9.8CVSS6.9AI score0.00719EPSS
Exploits0References5
Rows per page
Query Builder