Maven package
io.quarkus.resteasy.reactive/resteasy-reactive
pkg:maven/io.quarkus.resteasy.reactive/resteasy-reactive
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-1726 | Med | 5.3 | >= 3.8.0.CR1, < 3.8.0 | 3.8.0 | Apr 25, 2024 | A flaw was discovered in the RESTEasy Reactive implementation in Quarkus. Due to security checks for some JAX-RS endpoints being performed after serialization, more processing resources are consumed while the HTTP request is checked. In certain configurations, if an attacker has | |
| CVE-2023-6267 | — | < 2.13.9.Final | 2.13.9.Final | Jan 25, 2024 | A flaw was found in the json payload. If annotation based security is used to secure a REST resource, the JSON body that the resource may consume is being processed (deserialized) prior to the security constraints being evaluated and applied. This does not happen with configurati |
- affected >= 3.8.0.CR1, < 3.8.0fixed 3.8.0
A flaw was discovered in the RESTEasy Reactive implementation in Quarkus. Due to security checks for some JAX-RS endpoints being performed after serialization, more processing resources are consumed while the HTTP request is checked. In certain configurations, if an attacker has
- CVE-2023-6267Jan 25, 2024affected < 2.13.9.Finalfixed 2.13.9.Final
A flaw was found in the json payload. If annotation based security is used to secure a REST resource, the JSON body that the resource may consume is being processed (deserialized) prior to the security constraints being evaluated and applied. This does not happen with configurati