Lucene search
K

12 matches found

vulnersOsv
vulnersOsv
added 2024/04/25 6:30 p.m.11 views

com.github.mcollovati:quarkus-hilla-commons-deployment (>=2.4.1 <=2.5.0-alpha2), com.github.mcollovati:quarkus-hilla-deployment (>=2.0.0 <=2.5.0-alpha2) +51 more potentially affected by CVE-2023-5675 via io.quarkus:quarkus-resteasy-reactive-common-deployment (>=3.3.0 <=3.6.8)

io.quarkus:quarkus-resteasy-reactive-common-deployment MAVEN version =3.3.0, =2.4.1, =2.0.0, =2.4.1, =0.32.0, =0.32.0, =0.0.0, =0.5.0, =0.2.0, =0.6.3, =0.1.0, =0.1.0, =0.1.0, =0.7.1 and more Source cves: CVE-2023-5675 So...

6.5CVSS6.5AI score0.00458EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/04/25 6:30 p.m.7 views

io.quarkiverse.cxf:quarkus-cxf-integration-test-hc5 (>=2.7.0 <=2.7.0.CR2), io.quarkiverse.renarde:quarkus-renarde (>=3.0.8 <=3.0.9) +64 more potentially affected by CVE-2023-5675 via io.quarkus:quarkus-resteasy-reactive-common (>=3.7.0 <=3.7.0.CR1)

io.quarkus:quarkus-resteasy-reactive-common MAVEN version =3.7.0, =2.7.0, =3.0.8, =3.0.8, =3.0.8, =3.0.8, =3.0.8, =3.0.8, =3.0.8, =3.0.8, =3.0.8, =3.0.8, =3.0.8, =3.0.8, =3.0.8, =3.0.8, =3.0.9 and more Source cves: CVE-2023-5675 Source advisory: OSV:GHSA-25W4-HFQG-4R52...

6.5CVSS6.5AI score0.00458EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/04/25 6:30 p.m.10 views

br.com.labbs:quarkus-monitor-reactive-deployment (=1.0.4), com.github.mcollovati:quarkus-hilla-deployment (>=1.0.0 <=2.0.0-alpha1) +44 more potentially affected by CVE-2023-5675 via io.quarkus:quarkus-resteasy-reactive-common-deployment (>=1.11.0.Beta1 <=3.2.0.Final)

io.quarkus:quarkus-resteasy-reactive-common-deployment MAVEN version =1.11.0.Beta1, =1.0.0, =0.8.0, =0.8.0, =1.0.0, =1.0.3, =0.0.1, =1.0.1, =1.0.0, =1.0.0, =1.30.0, =1.1.1.Final, =2.13.0.CR1, =3.2.0.Final and more Source cves: CVE-2023-5675 Source advisory: OSV:GHSA-25...

6.5CVSS6.5AI score0.00458EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/04/25 6:30 p.m.7 views

br.com.labbs:quarkus-monitor-reactive (=1.0.4), br.com.labbs:quarkus-monitor-reactive-deployment (=1.0.4) +237 more potentially affected by CVE-2023-5675 via io.quarkus:quarkus-resteasy-reactive-common (>=1.11.0.Beta1 <=3.2.0.Final)

io.quarkus:quarkus-resteasy-reactive-common MAVEN version =1.11.0.Beta1, =1.0.2, =1.0.2, =1.0.2, =1.3.2, =1.0.132, =1.0.132, =1.0.133, =1.0.42, =1.0.42, =1.0.42, =1.3.2, =1.0.22, =1.0.22, =1.3.3 and more Source cves: CVE-2023-5675 Source advisory: OSV:GHSA-25W4-HFQG-4R52...

6.5CVSS6.5AI score0.00458EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/04/25 6:30 p.m.6 views

cn.sliew:carp-ageiport-server (>=0.0.10 <=0.0.14), com.abavilla:fpi-bot-api (>=1.8.1 <=1.8.5) +190 more potentially affected by CVE-2023-5675 via io.quarkus:quarkus-resteasy-reactive-common (>=3.3.0 <=3.6.8)

io.quarkus:quarkus-resteasy-reactive-common MAVEN version =3.3.0, =0.0.10, =1.8.1, =1.8.1, =1.8.6, =1.8.6, =1.9.0, =1.9.0, =1.10.1, =1.10.1, =1.0.29, =1.0.29, =1.6.1, =1.6.1, =1.5.1, =1.5.1, =1.6.0 and more Source cves: CVE-2023-5675 Source advisory: OSV:GHSA-25W4-HFQG-4R52...

6.5CVSS6.5AI score0.00458EPSS
Exploits0
Chainguard
Chainguard
added 2024/04/25 4:15 p.m.30 views

CVE-2023-5675 vulnerabilities

Vulnerabilities for packages: keycloak, keycloak-fips...

6.4CVSS6.6AI score0.00458EPSS
Exploits0
Wolfi
Wolfi
added 2024/04/25 4:15 p.m.41 views

CVE-2023-5675 vulnerabilities

Vulnerabilities for packages: keycloak...

6.4CVSS6.8AI score0.00458EPSS
Exploits0
CVE
CVE
added 2024/04/25 3:44 p.m.130 views

CVE-2023-5675

CVE-2023-5675 affects Quarkus RestEasy Classic/Reactive JAX-RS endpoints where methods are declared in abstract classes or altered by extensions via annotation processors; authorization may not be enforced when quarkus.security.jaxrs.deny-unannotated-endpoints or quarkus.security.jaxrs.default-ro...

6.5CVSS6.3AI score0.00458EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/04/25 3:44 p.m.35 views

CVE-2023-5675 Quarkus: authorization flaw in quarkus resteasy reactive and classic when "quarkus.security.jaxrs.deny-unannotated-endpoints" or "quarkus.security.jaxrs.default-roles-allowed" properties are used.

A flaw was found in Quarkus. When a Quarkus RestEasy Classic or Reactive JAX-RS endpoint has its methods declared in the abstract Java class or customized by Quarkus extensions using the annotation processor, the authorization of these methods will not be enforced if it is enabled by either...

6.5CVSS6.6AI score0.00458EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/07 9:24 a.m.18 views

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFix for February 2023.

Summary Security vulnerabilities are addressed with IBM Business Automation Insights 23.0.2-IF002. Vulnerability Details CVEID:CVE-2023-6267 DESCRIPTION: Quarkus could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the json payload when...

9.8CVSS7.7AI score0.00797EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2024/01/25 6:12 p.m.20 views

CVE-2023-5675

A flaw was found in Quarkus. When a Quarkus RestEasy Classic or Reactive JAX-RS endpoint has its methods declared in the abstract Java class or customized by Quarkus extensions using the annotation processor, the authorization of these methods will not be enforced if it is enabled by either...

6.5CVSS6.4AI score0.00458EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/01/25 1:52 p.m.47 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.2.9.SP1 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

9.8CVSS6.9AI score0.00719EPSS
Exploits0References5
Rows per page
Query Builder