5 matches found
CVE-2024-12225
creationtimestamp| type| source ---|---|--- 2025-05-06 20:21:20+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15216 2025-05-06 22:26:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lojwinmu3w22 2025-05-07 00:31:32+00:00| seen| https://t.me/cvedetector/24656...
CVE-2024-12225
A vulnerability was found in Quarkus in the quarkus-security-webauthn module. The Quarkus WebAuthn module publishes default REST endpoints for registering and logging users in while allowing developers to provide custom REST endpoints. When developers provide custom REST endpoints, the default...
CVE-2024-12225
CVE-2024-12225 affects Quarkus, specifically the quarkus-security-webauthn module. The vulnerability arises because default REST endpoints for user registration/login remain accessible when developers add custom endpoints, potentially allowing an attacker to obtain a login cookie with no correspo...
CVE-2024-12225 Io.quarkus:quarkus-security-webauthn: quarkus webauthn unexpected authentication bypass
A vulnerability was found in Quarkus in the quarkus-security-webauthn module. The Quarkus WebAuthn module publishes default REST endpoints for registering and logging users in while allowing developers to provide custom REST endpoints. When developers provide custom REST endpoints, the default...
CVE-2024-12225
A vulnerability was found in Quarkus in the quarkus-security-webauthn module. The Quarkus WebAuthn module publishes default REST endpoints for registering and logging users in while allowing developers to provide custom REST endpoints. When developers provide custom REST endpoints, the default...