Published: 25/01/2024 Updated: 17/02/2024

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 0

A flaw was found in the json payload. If annotation based security is used to secure a REST resource, the JSON body that the resource may consume is being processed (deserialized) prior to the security constraints being evaluated and applied. This does not happen with configuration based security.

Vulnerable Product	Search on Vulmon	Subscribe to Product
quarkus quarkus
quarkus quarkus 3.2.9
quarkus quarkus 2.13.9

Synopsis Important: Red Hat build of Quarkus 329SP1 release and security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat build of QuarkusRed Hat Product Security has rated this update as having a security impact ofImportant A Common Vulnerability Scoring System (CVSS) base score, which gives ...

Synopsis Important: Red Hat build of Quarkus 2139SP1 release and security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat build of Quarkus Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gi ...

DescriptionA flaw was found in the json payload If annotation based security is used to secure a REST resource, the JSON body that the resource may consume is being processed (deserialized) prior to the security constraints being evaluated and applied This does not happen with configuration based securityA flaw was found in the json paylo ...

CWE-755 https://access.redhat.com/security/cve/CVE-2023-6267 https://bugzilla.redhat.com/show_bug.cgi?id=2251155 https://access.redhat.com/errata/RHSA-2024:0494 https://access.redhat.com/errata/RHSA-2024:0495 https://access.redhat.com/errata/RHSA-2024:0495 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2023-6267

CVE-2023-6267

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect