Maven package
io.quarkus/quarkus-keycloak-authorization
pkg:maven/io.quarkus/quarkus-keycloak-authorization
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-4853 | — | < 2.16.11.Final | 2.16.11.Final | Sep 20, 2023 | A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. This issue could allow an attacker to bypass the security policy altogether, resulting i |
- CVE-2023-4853Sep 20, 2023affected < 2.16.11.Finalfixed 2.16.11.Final
A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. This issue could allow an attacker to bypass the security policy altogether, resulting i