Request Parameter Leakage

io.quarkus, quarkus-rest is vulnerable to Request parameter leakage. The vulnerability is due to request parameters leaking between concurrent requests due to endpoints using field injection without a CDI scope, allows an attacker to manipulate request data, impersonate users, or access sensitive...

Quarkus REST Endpoint Request Parameter Leakage Due to Shared Instance

A flaw was found in Quarkus REST that allows request parameters to leak between concurrent requests if endpoints use field injection without a CDI scope. This vulnerability allows attackers to manipulate request data, impersonate users, or access sensitive information...

CVE-2025-1247

A flaw was found in Quarkus REST that allows request parameters to leak between concurrent requests if endpoints use field injection without a CDI scope. This vulnerability allows attackers to manipulate request data, impersonate users, or access sensitive information...

CVE-2025-1247

CVE-2025-1247 affects Quarkus REST: a flaw where request parameters leak between concurrent requests when endpoints use field injection without a CDI scope. Root cause is shared per-request data in fields; attackers could manipulate data, impersonate users, or access sensitive information. Mitiga...