Published: 06/12/2023 Updated: 12/12/2023

CVSS v3 Base Score: 5.3 | Impact Score: 3.6 | Exploitability Score: 1.6

VMScore: 0

A flaw was found in the Quarkus Cache Runtime. When request processing utilizes a Uni cached using @CacheResult and the cached Uni reuses the initial "completion" context, the processing switches to the cached Uni instead of the request context. This is a problem if the cached Uni context contains sensitive information, and could allow a malicious user to benefit from a POST request returning the response that is meant for another user, gaining access to sensitive data.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat build of quarkus -

Synopsis Important: Red Hat build of Quarkus 2139 release and security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat build of QuarkusRed Hat Product Security has rated this update as having a security impact ofModerate A Common Vulnerability Scoring System (CVSS) base score, which gives ade ...

NVD-CWE-noinfo https://access.redhat.com/security/cve/CVE-2023-6393 https://bugzilla.redhat.com/show_bug.cgi?id=2253113 https://access.redhat.com/errata/RHSA-2023:7700 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-6393

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect